last executing test programs: 3.772044241s ago: executing program 4 (id=3012): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000140)=@ccm_128={{0x303}, "74b658a7aa0b2d59", "a4918a29c9ea8feb40a19d514e52f36f", "c7e0a3c2", "ff9019438d66c38c"}, 0x28) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x4, 0x0) 3.365090364s ago: executing program 3 (id=3016): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c0000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010067726574617000001c0002800800040008000000060003008100"], 0x4c}}, 0x0) 3.171849876s ago: executing program 3 (id=3018): syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2.800982354s ago: executing program 3 (id=3022): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000190001090000000000000000021800080000fd010000000008000100ac1414"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 2.695351668s ago: executing program 3 (id=3025): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'lo\x00', 0x1000}) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f0007"], 0x18) 2.296943833s ago: executing program 1 (id=3028): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000140)={0x20, r1, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r2}, {0x4}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084) 2.296832773s ago: executing program 3 (id=3029): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) 2.190722214s ago: executing program 3 (id=3031): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[], 0x1c) 1.928589884s ago: executing program 1 (id=3034): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000190001090000000000000000021800080000fd010000000008000100ac1414"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 1.862124071s ago: executing program 2 (id=3035): setsockopt$X25_QBITINCL(0xffffffffffffffff, 0x106, 0x1, &(0x7f0000000100)=0x1, 0x4) setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) 1.767361614s ago: executing program 1 (id=3036): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0}, 0x18) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'dummy0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0) 1.566774841s ago: executing program 2 (id=3039): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='fsi_master_aspeed_opb_write\x00', r1}, 0x18) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) ioctl$TUNSETOFFLOAD(r4, 0x4004743d, 0x110e22fff6) write$cgroup_type(r4, &(0x7f0000000280), 0xfffffeed) sendto$inet6(r0, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e759251a140de480541d8dd7662a14296a59eba99b95bfdf5b22992c323865b471d13ad79867e2692fd4eece299a81e2b33336b6801f51c2ae8d73e4df90c9bd70cd535b72cbdf67754acdc44b3780450308d9c5527c3314eb7b2cc38b61e96403a30a8ba0c8a357aa04d3c62bc51bcf55cf214f44a909b29c30c18c3a43c86472612086664a80f2aa8490e58352732acb96eb46deab42895d1957a6029ad86e7a5ced6bde89c158aaee721954beeebe5973059007f7dd5459029af6d3f1d73d35f07d19b7cedfc80d1d7ef37f8b113f564afd0f093202929fef43e788619ca522c7f679dd2f27949d879b4dab46581a0e054b4ed1db37e43f528748b56ec5a54b7af198d4ae551046f7814fe3a5cbc1cc7cb6655fc198939b049f3c02443148c588e34d6ebef81096b4e48f468016d2bde0828664c0874d71e2d88b3bc04079d4a504255a83c3f07a4f1c3e5a4c66f55f36e51e344392487c8299d8d1bfb568780c0d57df48990cb5d6b35c3f7445f80312186d8598faf61072d4eefc961fb5a7e72b971c8f94a8346effd27362cee8d72a98b55e317de280d2d63ee83ca7140b7913122d402c536d914c8510c81d08f0ad1c952f5b7ad5e7ef72d7c58cb4d5bafbea535b381df6ebe94c62cf782cf7ab81c017c296a88ca91d641b45748d230cf5e87e5dbee4764ea4d131ae022e6bbf3ffc3ea7b264737d9db44354bfffa63d79bc403d3ac23fb615edc382d18b0daf1bbb2fbd708d1830ddac1c3f098b8cb1ef9a0019d804bf5d953110f12f3b9a8b9b7e0c61cb5d34116add1fc9a92721ffa5fdc83e1488cf88aa6e56ad2dd55e0aadd827cc7b4e7242f01241f49e905e5e7451092c28c3f6560a6a0002e5d91fc253a5a8fd8f27e42f4f02f5849528b7d93df9b0c568022acaff410e797e88d2f8eeadbba66e423335b843df734d203fa62a861b712da8f33d5ea721767871aa2cd53e659e505507de9a54d7e6fa3c20bbfb28cd6dd2b314dabbb59e9ce15c0a94ec3b3efc54eaaa27bd7576a687dcaf58dc182662539943014a02e76dc89f48c9f83cc7199038418f965ad3dc866098b89cabcac8691b0f51ffb71902337e49293309c4480a8f1b32411cc1b55a0ec0fe2c2572fe9d488a25bfc12ba74048e1d7beee93321c7aa49ea17cb9728dc46e5272154b3b995feacbacb8885621b335274af4df9365f8c8121ff323b572d320c8fc46acd6218b9579d43005e7b0506ccb14d9a0dac4cc6efaf5366c44342eaea8b5a11457f5afbea913ce4975ab67e6a85bc46e714ca5741da38a7cceb9e85d77fd03f83f7a5ecc7241e69e2bda327f769b48ba5f13662585c72778d12bd0e9a62a3d0dbe376d1aee81e6845c2cf23f42c458ae5668c8d387bf9ab224bc9703f1c08347be810d2f19278fe8d97560b3c9f1816667d0461a25e778eb1404dcaac1ed0a6a0745f3a5d2dc1b6babf98f5135d531cb26334ef2fec4c78c95b7193935139664fc65f17b047eb3dc39e251ba52ce33f8099719f1a789db1690347355e7b02d4c522692b9597fd31abb90f973ae4eb0bd0d900cdd887ff01d4845d7f0aee39b220a65a5aeee0fd386054070723c841c042d5339cc6325f07f0f733d124c6524f388ef7419f42c06278b8fceaa3a16b202dfb539b129762397e29cdd679ca6240272fa0c3e2e8c0a27aaa407f30b4024d0638dfca1bc9483db3ccc2880f", 0x5c6, 0x6d91fb6102d8910c, 0x0, 0xfffffffffffffe38) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 1.340519359s ago: executing program 1 (id=3040): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) 1.175482692s ago: executing program 1 (id=3041): sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x14, 0x0, 0x1, 0x0, 0x0, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0xc00c4}, 0x14) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x0) sendmmsg$inet6(r0, &(0x7f0000002840)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x20}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000040)='\b', 0x1}], 0x1}}], 0x1, 0x14018891) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)=ANY=[], 0x1000f) 739.445213ms ago: executing program 0 (id=3044): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x9) recvfrom(r0, 0x0, 0x0, 0x20, 0x0, 0x0) shutdown(r0, 0x1) 658.150566ms ago: executing program 0 (id=3045): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000190001090000000000000000021800080000fd010000000008000100ac1414"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 580.921259ms ago: executing program 4 (id=3046): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000000b06010800000000000000000600000205000100070000001c0007801800018014000240ff0200000000001800000000000000010900020073797a31"], 0x44}, 0x1, 0x0, 0x0, 0x20008041}, 0x8190) 580.723549ms ago: executing program 0 (id=3047): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000240), &(0x7f0000000380)=r1}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff013f40c6977e0ae0a4f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 563.962692ms ago: executing program 2 (id=3048): setsockopt$X25_QBITINCL(0xffffffffffffffff, 0x106, 0x1, &(0x7f0000000100)=0x1, 0x4) setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) 502.836874ms ago: executing program 0 (id=3049): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0}, 0x18) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'dummy0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0) 404.701634ms ago: executing program 4 (id=3050): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) 333.027028ms ago: executing program 4 (id=3051): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x9) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) 312.321732ms ago: executing program 2 (id=3052): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) 188.844124ms ago: executing program 1 (id=3053): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x67, 0x5}}}}}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df05f496d0420922f45a71c1daa8b630468cd140526c41ef8d3a4a422", 0x3, 0x1, 0x85}, 0x3c) 174.569569ms ago: executing program 0 (id=3054): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a00)={0x28, 0x4, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004055}, 0x40010) 152.86179ms ago: executing program 2 (id=3055): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)={0x18, 0x2, 0x2, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}, [@CTA_EXPECT_TUPLE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000c0}, 0x1004) 140.219089ms ago: executing program 4 (id=3056): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0) 20.943617ms ago: executing program 0 (id=3057): pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f47", 0xe, 0x1, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0) 12.893102ms ago: executing program 4 (id=3058): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000240), &(0x7f0000000380)=r1}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff013f40c6977e0ae0a4f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 2 (id=3059): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x2, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x8, 0x6}]}, 0x8) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) kernel console output (not intermixed with test programs): 6.711120][T12607] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 356.711156][T12607] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 356.711199][T12607] ? __hrtimer_setup+0x187/0x210 [ 356.711231][T12607] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 356.711265][T12607] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 356.711329][T12607] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 356.711354][T12607] ? trace_kmalloc+0x1f/0xd0 [ 356.711372][T12607] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 356.711395][T12607] ? kstrndup+0xbf/0x160 [ 356.711432][T12607] hwsim_new_radio_nl+0xea4/0x1b10 [ 356.711471][T12607] ? __pfx___nla_validate_parse+0x10/0x10 [ 356.711520][T12607] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 356.711563][T12607] ? __nla_parse+0x40/0x60 [ 356.711599][T12607] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 356.711632][T12607] genl_family_rcv_msg_doit+0x212/0x300 [ 356.711662][T12607] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 356.711714][T12607] ? bpf_lsm_capable+0x9/0x20 [ 356.711734][T12607] ? security_capable+0x7e/0x2e0 [ 356.711770][T12607] genl_rcv_msg+0x60e/0x790 [ 356.711811][T12607] ? __pfx_genl_rcv_msg+0x10/0x10 [ 356.711843][T12607] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 356.711888][T12607] netlink_rcv_skb+0x205/0x470 [ 356.711916][T12607] ? __pfx_genl_rcv_msg+0x10/0x10 [ 356.711952][T12607] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 356.711999][T12607] ? down_read+0x1ad/0x2e0 [ 356.712027][T12607] genl_rcv+0x28/0x40 [ 356.712054][T12607] netlink_unicast+0x758/0x8d0 [ 356.712088][T12607] netlink_sendmsg+0x805/0xb30 [ 356.712121][T12607] ? __pfx_netlink_sendmsg+0x10/0x10 [ 356.712148][T12607] ? aa_sock_msg_perm+0x94/0x160 [ 356.712174][T12607] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 356.712197][T12607] ? __pfx_netlink_sendmsg+0x10/0x10 [ 356.712223][T12607] __sock_sendmsg+0x21c/0x270 [ 356.712247][T12607] ____sys_sendmsg+0x505/0x830 [ 356.712281][T12607] ? __pfx_____sys_sendmsg+0x10/0x10 [ 356.712319][T12607] ? import_iovec+0x74/0xa0 [ 356.712345][T12607] ___sys_sendmsg+0x21f/0x2a0 [ 356.712375][T12607] ? __pfx____sys_sendmsg+0x10/0x10 [ 356.712439][T12607] ? __fget_files+0x2a/0x420 [ 356.712466][T12607] ? __fget_files+0x3a0/0x420 [ 356.712498][T12607] __x64_sys_sendmsg+0x19b/0x260 [ 356.712529][T12607] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 356.712568][T12607] ? rcu_is_watching+0x15/0xb0 [ 356.712602][T12607] ? do_syscall_64+0xbe/0x3b0 [ 356.712626][T12607] do_syscall_64+0xfa/0x3b0 [ 356.712645][T12607] ? lockdep_hardirqs_on+0x9c/0x150 [ 356.712662][T12607] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.712680][T12607] ? clear_bhb_loop+0x60/0xb0 [ 356.712703][T12607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.712721][T12607] RIP: 0033:0x7f686c98e929 [ 356.712739][T12607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.712755][T12607] RSP: 002b:00007f686d8c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 356.712775][T12607] RAX: ffffffffffffffda RBX: 00007f686cbb5fa0 RCX: 00007f686c98e929 [ 356.712789][T12607] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 356.712801][T12607] RBP: 00007f686ca10b39 R08: 0000000000000000 R09: 0000000000000000 [ 356.712813][T12607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.712824][T12607] R13: 0000000000000000 R14: 00007f686cbb5fa0 R15: 00007ffc61867f78 [ 356.712854][T12607] [ 357.255169][T12616] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2329'. [ 357.697830][T12634] netlink: 'syz.3.2335': attribute type 3 has an invalid length. [ 357.702587][T12638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2336'. [ 357.705612][T12634] netlink: 'syz.3.2335': attribute type 4 has an invalid length. [ 357.715269][T12638] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 357.757083][T12634] netlink: 'syz.3.2335': attribute type 5 has an invalid length. [ 357.789803][T12634] netlink: 'syz.3.2335': attribute type 6 has an invalid length. [ 357.806600][T12634] netlink: 'syz.3.2335': attribute type 7 has an invalid length. [ 357.822287][T12642] xt_bpf: check failed: parse error [ 357.839193][T12634] netlink: 'syz.3.2335': attribute type 7 has an invalid length. [ 357.866611][T12634] netlink: 12902 bytes leftover after parsing attributes in process `syz.3.2335'. [ 357.927504][T12648] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 357.944357][T12648] CPU: 0 UID: 0 PID: 12648 Comm: syz.2.2342 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 357.944390][T12648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 357.944412][T12648] Call Trace: [ 357.944421][T12648] [ 357.944432][T12648] dump_stack_lvl+0x189/0x250 [ 357.944476][T12648] ? __pfx_dump_stack_lvl+0x10/0x10 [ 357.944512][T12648] ? __pfx__printk+0x10/0x10 [ 357.944537][T12648] ? kernfs_path_from_node+0x2c/0x260 [ 357.944564][T12648] ? kernfs_path_from_node+0x2c/0x260 [ 357.944589][T12648] ? kernfs_path_from_node+0x2c/0x260 [ 357.944617][T12648] ? kernfs_path_from_node+0x22c/0x260 [ 357.944640][T12648] ? kernfs_path_from_node+0x2c/0x260 [ 357.944670][T12648] sysfs_warn_dup+0x8e/0xa0 [ 357.944695][T12648] sysfs_do_create_link_sd+0xc0/0x110 [ 357.944724][T12648] device_add_class_symlinks+0x1cf/0x240 [ 357.944754][T12648] device_add+0x475/0xb50 [ 357.944784][T12648] wiphy_register+0x199a/0x26b0 [ 357.944833][T12648] ? __pfx_wiphy_register+0x10/0x10 [ 357.944858][T12648] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 357.944896][T12648] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 357.944938][T12648] ieee80211_register_hw+0x33e1/0x4120 [ 357.944991][T12648] ? ieee80211_register_hw+0x13f1/0x4120 [ 357.945032][T12648] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 357.945069][T12648] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 357.945112][T12648] ? __hrtimer_setup+0x187/0x210 [ 357.945143][T12648] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 357.945177][T12648] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 357.945239][T12648] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 357.945264][T12648] ? trace_kmalloc+0x1f/0xd0 [ 357.945281][T12648] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 357.945304][T12648] ? kstrndup+0xbf/0x160 [ 357.945342][T12648] hwsim_new_radio_nl+0xea4/0x1b10 [ 357.945372][T12648] ? __pfx___nla_validate_parse+0x10/0x10 [ 357.945429][T12648] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 357.945472][T12648] ? __nla_parse+0x40/0x60 [ 357.945508][T12648] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 357.945541][T12648] genl_family_rcv_msg_doit+0x212/0x300 [ 357.945570][T12648] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 357.945619][T12648] ? bpf_lsm_capable+0x9/0x20 [ 357.945638][T12648] ? security_capable+0x7e/0x2e0 [ 357.945671][T12648] genl_rcv_msg+0x60e/0x790 [ 357.945710][T12648] ? __pfx_genl_rcv_msg+0x10/0x10 [ 357.945747][T12648] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 357.945789][T12648] netlink_rcv_skb+0x205/0x470 [ 357.945818][T12648] ? __pfx_genl_rcv_msg+0x10/0x10 [ 357.945854][T12648] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 357.945901][T12648] ? down_read+0x1ad/0x2e0 [ 357.945929][T12648] genl_rcv+0x28/0x40 [ 357.945961][T12648] netlink_unicast+0x758/0x8d0 [ 357.945997][T12648] netlink_sendmsg+0x805/0xb30 [ 357.946035][T12648] ? __pfx_netlink_sendmsg+0x10/0x10 [ 357.946066][T12648] ? aa_sock_msg_perm+0x94/0x160 [ 357.946096][T12648] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 357.946123][T12648] ? __pfx_netlink_sendmsg+0x10/0x10 [ 357.946151][T12648] __sock_sendmsg+0x21c/0x270 [ 357.946180][T12648] ____sys_sendmsg+0x505/0x830 [ 357.946218][T12648] ? __pfx_____sys_sendmsg+0x10/0x10 [ 357.946262][T12648] ? import_iovec+0x74/0xa0 [ 357.946288][T12648] ___sys_sendmsg+0x21f/0x2a0 [ 357.946323][T12648] ? __pfx____sys_sendmsg+0x10/0x10 [ 357.946407][T12648] ? __fget_files+0x2a/0x420 [ 357.946430][T12648] ? __fget_files+0x3a0/0x420 [ 357.946466][T12648] __x64_sys_sendmsg+0x19b/0x260 [ 357.946502][T12648] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 357.946545][T12648] ? rcu_is_watching+0x15/0xb0 [ 357.946583][T12648] ? do_syscall_64+0xbe/0x3b0 [ 357.946609][T12648] do_syscall_64+0xfa/0x3b0 [ 357.946629][T12648] ? lockdep_hardirqs_on+0x9c/0x150 [ 357.946649][T12648] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.946669][T12648] ? clear_bhb_loop+0x60/0xb0 [ 357.946696][T12648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.946718][T12648] RIP: 0033:0x7fb413b8e929 [ 357.946738][T12648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.946758][T12648] RSP: 002b:00007fb414ad5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 357.946781][T12648] RAX: ffffffffffffffda RBX: 00007fb413db5fa0 RCX: 00007fb413b8e929 [ 357.946798][T12648] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 357.946813][T12648] RBP: 00007fb413c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 357.946826][T12648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.946840][T12648] R13: 0000000000000000 R14: 00007fb413db5fa0 R15: 00007ffde3adb618 [ 357.946876][T12648] [ 358.742369][T12668] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2348'. [ 358.949096][T12680] netlink: 312 bytes leftover after parsing attributes in process `syz.2.2352'. [ 359.210882][T12695] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2356'. [ 359.223857][T12695] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2356'. [ 359.244313][T12695] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2356'. [ 359.325271][T12699] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2358'. [ 359.948239][T12721] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2366'. [ 360.146724][T12731] tipc: Enabled bearer , priority 0 [ 360.280443][T12727] tipc: Disabling bearer [ 360.445738][T12744] FAULT_INJECTION: forcing a failure. [ 360.445738][T12744] name failslab, interval 1, probability 0, space 0, times 0 [ 360.474649][T12744] CPU: 0 UID: 0 PID: 12744 Comm: syz.4.2373 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 360.474683][T12744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 360.474698][T12744] Call Trace: [ 360.474707][T12744] [ 360.474716][T12744] dump_stack_lvl+0x189/0x250 [ 360.474756][T12744] ? __pfx____ratelimit+0x10/0x10 [ 360.474777][T12744] ? __pfx_dump_stack_lvl+0x10/0x10 [ 360.474810][T12744] ? __pfx__printk+0x10/0x10 [ 360.474836][T12744] ? __pfx___might_resched+0x10/0x10 [ 360.474876][T12744] ? fs_reclaim_acquire+0x7d/0x100 [ 360.474907][T12744] should_fail_ex+0x414/0x560 [ 360.474939][T12744] should_failslab+0xa8/0x100 [ 360.474964][T12744] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 360.474987][T12744] ? __request_module+0x2d1/0x5e0 [ 360.475023][T12744] kstrdup+0x42/0x100 [ 360.475052][T12744] __request_module+0x2d1/0x5e0 [ 360.475088][T12744] ? __pfx___request_module+0x10/0x10 [ 360.475117][T12744] ? __up_read+0x280/0x680 [ 360.475141][T12744] ? __pfx___up_read+0x10/0x10 [ 360.475183][T12744] crypto_alg_mod_lookup+0xa5/0x5f0 [ 360.475210][T12744] crypto_add_alg+0x235/0x3b0 [ 360.475240][T12744] ? __pfx_crypto_add_alg+0x10/0x10 [ 360.475267][T12744] crypto_user_rcv_msg+0x477/0x570 [ 360.475295][T12744] ? __lock_acquire+0xab9/0xd20 [ 360.475328][T12744] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 360.475380][T12744] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 360.475413][T12744] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 360.475450][T12744] ? rcu_is_watching+0x15/0xb0 [ 360.475494][T12744] netlink_rcv_skb+0x205/0x470 [ 360.475521][T12744] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 360.475552][T12744] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 360.475591][T12744] ? netlink_deliver_tap+0x2e/0x1b0 [ 360.475616][T12744] ? netlink_deliver_tap+0x2e/0x1b0 [ 360.475646][T12744] crypto_netlink_rcv+0x2a/0x40 [ 360.475677][T12744] netlink_unicast+0x758/0x8d0 [ 360.475713][T12744] netlink_sendmsg+0x805/0xb30 [ 360.475749][T12744] ? __pfx_netlink_sendmsg+0x10/0x10 [ 360.475779][T12744] ? aa_sock_msg_perm+0x94/0x160 [ 360.475808][T12744] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 360.475834][T12744] ? __pfx_netlink_sendmsg+0x10/0x10 [ 360.475869][T12744] __sock_sendmsg+0x21c/0x270 [ 360.475898][T12744] ____sys_sendmsg+0x505/0x830 [ 360.475934][T12744] ? __pfx_____sys_sendmsg+0x10/0x10 [ 360.475976][T12744] ? import_iovec+0x74/0xa0 [ 360.476001][T12744] ___sys_sendmsg+0x21f/0x2a0 [ 360.476035][T12744] ? __pfx____sys_sendmsg+0x10/0x10 [ 360.476107][T12744] ? __fget_files+0x2a/0x420 [ 360.476130][T12744] ? __fget_files+0x3a0/0x420 [ 360.476166][T12744] __x64_sys_sendmsg+0x19b/0x260 [ 360.476200][T12744] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 360.476242][T12744] ? __pfx_ksys_write+0x10/0x10 [ 360.476259][T12744] ? rcu_is_watching+0x15/0xb0 [ 360.476296][T12744] ? do_syscall_64+0xbe/0x3b0 [ 360.476323][T12744] do_syscall_64+0xfa/0x3b0 [ 360.476343][T12744] ? lockdep_hardirqs_on+0x9c/0x150 [ 360.476364][T12744] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.476385][T12744] ? clear_bhb_loop+0x60/0xb0 [ 360.476410][T12744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.476429][T12744] RIP: 0033:0x7f19a8f8e929 [ 360.476447][T12744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.476464][T12744] RSP: 002b:00007f19a9e38038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 360.476486][T12744] RAX: ffffffffffffffda RBX: 00007f19a91b5fa0 RCX: 00007f19a8f8e929 [ 360.476502][T12744] RDX: 0000000000000080 RSI: 0000200000000200 RDI: 0000000000000003 [ 360.476515][T12744] RBP: 00007f19a9e38090 R08: 0000000000000000 R09: 0000000000000000 [ 360.476529][T12744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.476542][T12744] R13: 0000000000000000 R14: 00007f19a91b5fa0 R15: 00007ffe42fd0838 [ 360.476576][T12744] [ 361.435511][T12778] tipc: Enabled bearer , priority 0 [ 361.489475][T12777] netlink: 'syz.4.2381': attribute type 10 has an invalid length. [ 361.527250][T12778] tipc: Disabling bearer [ 361.662493][T12790] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 362.096036][T12811] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 362.291595][T12818] __nla_validate_parse: 10 callbacks suppressed [ 362.291619][T12818] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2396'. [ 362.308921][T12819] FAULT_INJECTION: forcing a failure. [ 362.308921][T12819] name failslab, interval 1, probability 0, space 0, times 0 [ 362.323434][T12819] CPU: 1 UID: 0 PID: 12819 Comm: syz.2.2397 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 362.323467][T12819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 362.323481][T12819] Call Trace: [ 362.323490][T12819] [ 362.323500][T12819] dump_stack_lvl+0x189/0x250 [ 362.323538][T12819] ? __pfx____ratelimit+0x10/0x10 [ 362.323560][T12819] ? __pfx_dump_stack_lvl+0x10/0x10 [ 362.323593][T12819] ? __pfx__printk+0x10/0x10 [ 362.323630][T12819] ? __pfx___might_resched+0x10/0x10 [ 362.323670][T12819] should_fail_ex+0x414/0x560 [ 362.323703][T12819] should_failslab+0xa8/0x100 [ 362.323729][T12819] __kmalloc_cache_noprof+0x70/0x3d0 [ 362.323751][T12819] ? call_usermodehelper_setup+0x8e/0x270 [ 362.323780][T12819] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 362.323807][T12819] call_usermodehelper_setup+0x8e/0x270 [ 362.323836][T12819] ? __pfx_free_modprobe_argv+0x10/0x10 [ 362.323872][T12819] __request_module+0x39f/0x5e0 [ 362.323911][T12819] ? __pfx___request_module+0x10/0x10 [ 362.323938][T12819] ? __up_read+0x280/0x680 [ 362.323963][T12819] ? __pfx___up_read+0x10/0x10 [ 362.324005][T12819] crypto_alg_mod_lookup+0xa5/0x5f0 [ 362.324034][T12819] crypto_add_alg+0x235/0x3b0 [ 362.324063][T12819] ? __pfx_crypto_add_alg+0x10/0x10 [ 362.324090][T12819] crypto_user_rcv_msg+0x477/0x570 [ 362.324126][T12819] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 362.324180][T12819] ? __mutex_trylock_common+0x153/0x260 [ 362.324207][T12819] ? __pfx___mutex_trylock_common+0x10/0x10 [ 362.324234][T12819] ? rcu_is_watching+0x15/0xb0 [ 362.324267][T12819] ? trace_contention_end+0x39/0x120 [ 362.324297][T12819] netlink_rcv_skb+0x205/0x470 [ 362.324325][T12819] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 362.324356][T12819] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 362.324398][T12819] ? netlink_deliver_tap+0x2e/0x1b0 [ 362.324425][T12819] ? netlink_deliver_tap+0x2e/0x1b0 [ 362.324461][T12819] crypto_netlink_rcv+0x2a/0x40 [ 362.324487][T12819] netlink_unicast+0x758/0x8d0 [ 362.324525][T12819] netlink_sendmsg+0x805/0xb30 [ 362.324563][T12819] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.324595][T12819] ? aa_sock_msg_perm+0x94/0x160 [ 362.324633][T12819] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 362.324660][T12819] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.324688][T12819] __sock_sendmsg+0x21c/0x270 [ 362.324717][T12819] ____sys_sendmsg+0x505/0x830 [ 362.324754][T12819] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.324797][T12819] ? import_iovec+0x74/0xa0 [ 362.324823][T12819] ___sys_sendmsg+0x21f/0x2a0 [ 362.324857][T12819] ? __pfx____sys_sendmsg+0x10/0x10 [ 362.324931][T12819] ? __fget_files+0x2a/0x420 [ 362.324953][T12819] ? __fget_files+0x3a0/0x420 [ 362.324988][T12819] __x64_sys_sendmsg+0x19b/0x260 [ 362.325022][T12819] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 362.325065][T12819] ? __pfx_ksys_write+0x10/0x10 [ 362.325083][T12819] ? rcu_is_watching+0x15/0xb0 [ 362.325121][T12819] ? do_syscall_64+0xbe/0x3b0 [ 362.325148][T12819] do_syscall_64+0xfa/0x3b0 [ 362.325169][T12819] ? lockdep_hardirqs_on+0x9c/0x150 [ 362.325189][T12819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.325211][T12819] ? clear_bhb_loop+0x60/0xb0 [ 362.325237][T12819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.325257][T12819] RIP: 0033:0x7fb413b8e929 [ 362.325277][T12819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.325295][T12819] RSP: 002b:00007fb414ad5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 362.325318][T12819] RAX: ffffffffffffffda RBX: 00007fb413db5fa0 RCX: 00007fb413b8e929 [ 362.325333][T12819] RDX: 0000000000000080 RSI: 0000200000000200 RDI: 0000000000000003 [ 362.325346][T12819] RBP: 00007fb414ad5090 R08: 0000000000000000 R09: 0000000000000000 [ 362.325360][T12819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.325373][T12819] R13: 0000000000000000 R14: 00007fb413db5fa0 R15: 00007ffde3adb618 [ 362.325406][T12819] [ 363.422696][T12839] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 363.464584][T12842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2402'. [ 364.150463][T12870] netlink: 'syz.3.2412': attribute type 29 has an invalid length. [ 364.174274][T12870] netlink: 'syz.3.2412': attribute type 29 has an invalid length. [ 364.667322][T12885] tipc: New replicast peer: 255.255.255.255 [ 364.673979][T12885] tipc: Enabled bearer , priority 10 [ 365.761815][T12891] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2418'. [ 365.818464][T12891] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2418'. [ 365.874349][T12899] FAULT_INJECTION: forcing a failure. [ 365.874349][T12899] name failslab, interval 1, probability 0, space 0, times 0 [ 365.938684][T12899] CPU: 0 UID: 0 PID: 12899 Comm: syz.1.2420 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 365.938718][T12899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 365.938732][T12899] Call Trace: [ 365.938741][T12899] [ 365.938750][T12899] dump_stack_lvl+0x189/0x250 [ 365.938790][T12899] ? __pfx____ratelimit+0x10/0x10 [ 365.938811][T12899] ? __pfx_dump_stack_lvl+0x10/0x10 [ 365.938844][T12899] ? __pfx__printk+0x10/0x10 [ 365.938873][T12899] ? __pfx___might_resched+0x10/0x10 [ 365.938904][T12899] ? fs_reclaim_acquire+0x7d/0x100 [ 365.938935][T12899] should_fail_ex+0x414/0x560 [ 365.938967][T12899] should_failslab+0xa8/0x100 [ 365.938992][T12899] __kmalloc_cache_noprof+0x70/0x3d0 [ 365.939012][T12899] ? nfnetlink_rcv+0xeff/0x2520 [ 365.939037][T12899] nfnetlink_rcv+0xeff/0x2520 [ 365.939094][T12899] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 365.939134][T12899] ? ref_tracker_free+0x63a/0x7d0 [ 365.939198][T12899] ? __netlink_deliver_tap+0x807/0x850 [ 365.939235][T12899] ? netlink_deliver_tap+0x2e/0x1b0 [ 365.939261][T12899] ? netlink_deliver_tap+0x2e/0x1b0 [ 365.939300][T12899] netlink_unicast+0x758/0x8d0 [ 365.939337][T12899] netlink_sendmsg+0x805/0xb30 [ 365.939375][T12899] ? __pfx_netlink_sendmsg+0x10/0x10 [ 365.939406][T12899] ? aa_sock_msg_perm+0x94/0x160 [ 365.939435][T12899] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 365.939461][T12899] ? __pfx_netlink_sendmsg+0x10/0x10 [ 365.939489][T12899] __sock_sendmsg+0x21c/0x270 [ 365.939517][T12899] ____sys_sendmsg+0x505/0x830 [ 365.939554][T12899] ? __pfx_____sys_sendmsg+0x10/0x10 [ 365.939596][T12899] ? import_iovec+0x74/0xa0 [ 365.939622][T12899] ___sys_sendmsg+0x21f/0x2a0 [ 365.939655][T12899] ? __pfx____sys_sendmsg+0x10/0x10 [ 365.939729][T12899] ? __fget_files+0x2a/0x420 [ 365.939751][T12899] ? __fget_files+0x3a0/0x420 [ 365.939787][T12899] __x64_sys_sendmsg+0x19b/0x260 [ 365.939821][T12899] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 365.939864][T12899] ? __pfx_ksys_write+0x10/0x10 [ 365.939881][T12899] ? rcu_is_watching+0x15/0xb0 [ 365.939920][T12899] ? do_syscall_64+0xbe/0x3b0 [ 365.939946][T12899] do_syscall_64+0xfa/0x3b0 [ 365.939967][T12899] ? lockdep_hardirqs_on+0x9c/0x150 [ 365.939986][T12899] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.940007][T12899] ? clear_bhb_loop+0x60/0xb0 [ 365.940033][T12899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.940053][T12899] RIP: 0033:0x7febf618e929 [ 365.940073][T12899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.940091][T12899] RSP: 002b:00007febf6f12038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 365.940114][T12899] RAX: ffffffffffffffda RBX: 00007febf63b5fa0 RCX: 00007febf618e929 [ 365.940130][T12899] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 365.940143][T12899] RBP: 00007febf6f12090 R08: 0000000000000000 R09: 0000000000000000 [ 365.940156][T12899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 365.940168][T12899] R13: 0000000000000000 R14: 00007febf63b5fa0 R15: 00007ffcdb981a98 [ 365.940201][T12899] [ 366.291524][T12907] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2422'. [ 366.683526][T12909] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 366.736693][T12909] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.822045][T12922] batadv_slave_0: entered promiscuous mode [ 366.839607][T12922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2427'. [ 366.899003][T12922] batadv_slave_0 (unregistering): left promiscuous mode [ 367.061454][T12936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2430'. [ 367.070970][T12936] netlink: 312 bytes leftover after parsing attributes in process `syz.0.2430'. [ 367.081079][T12936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2430'. [ 367.201852][T12909] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 367.227818][T12909] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.317678][T12939] macsec2: entered promiscuous mode [ 367.323521][T12939] macsec2: entered allmulticast mode [ 367.420202][T12909] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 367.453535][T12909] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.584576][T12909] batman_adv: batadv0: Removing interface: netdevsim0 [ 367.606150][T12909] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 367.634860][T12909] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.837254][ T49] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 367.866187][ T49] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.906909][ T9915] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 367.915165][ T9915] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.942050][T12963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2439'. [ 367.968313][T12963] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2439'. [ 367.971744][T12958] FAULT_INJECTION: forcing a failure. [ 367.971744][T12958] name failslab, interval 1, probability 0, space 0, times 0 [ 367.983832][T12963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2439'. [ 368.003953][ T9915] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 368.012446][T12958] CPU: 1 UID: 0 PID: 12958 Comm: syz.2.2438 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 368.012478][T12958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 368.012493][T12958] Call Trace: [ 368.012503][T12958] [ 368.012513][T12958] dump_stack_lvl+0x189/0x250 [ 368.012551][T12958] ? __pfx____ratelimit+0x10/0x10 [ 368.012572][T12958] ? __pfx_dump_stack_lvl+0x10/0x10 [ 368.012605][T12958] ? __pfx__printk+0x10/0x10 [ 368.012631][T12958] ? __pfx___might_resched+0x10/0x10 [ 368.012672][T12958] ? fs_reclaim_acquire+0x7d/0x100 [ 368.012703][T12958] should_fail_ex+0x414/0x560 [ 368.012741][T12958] should_failslab+0xa8/0x100 [ 368.012766][T12958] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 368.012788][T12958] ? __request_module+0x2d1/0x5e0 [ 368.012824][T12958] kstrdup+0x42/0x100 [ 368.012852][T12958] __request_module+0x2d1/0x5e0 [ 368.012889][T12958] ? __pfx___request_module+0x10/0x10 [ 368.012916][T12958] ? __up_read+0x280/0x680 [ 368.012940][T12958] ? __pfx___up_read+0x10/0x10 [ 368.012982][T12958] crypto_alg_mod_lookup+0xeb/0x5f0 [ 368.013010][T12958] crypto_add_alg+0x235/0x3b0 [ 368.013037][T12958] ? __pfx_crypto_add_alg+0x10/0x10 [ 368.013072][T12958] crypto_user_rcv_msg+0x477/0x570 [ 368.013108][T12958] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 368.013156][T12958] ? __mutex_trylock_common+0x153/0x260 [ 368.013182][T12958] ? __pfx___mutex_trylock_common+0x10/0x10 [ 368.013209][T12958] ? rcu_is_watching+0x15/0xb0 [ 368.013242][T12958] ? trace_contention_end+0x39/0x120 [ 368.013271][T12958] netlink_rcv_skb+0x205/0x470 [ 368.013299][T12958] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 368.013331][T12958] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 368.013373][T12958] ? netlink_deliver_tap+0x2e/0x1b0 [ 368.013399][T12958] ? netlink_deliver_tap+0x2e/0x1b0 [ 368.013435][T12958] crypto_netlink_rcv+0x2a/0x40 [ 368.013461][T12958] netlink_unicast+0x758/0x8d0 [ 368.013498][T12958] netlink_sendmsg+0x805/0xb30 [ 368.013536][T12958] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.013568][T12958] ? aa_sock_msg_perm+0x94/0x160 [ 368.013598][T12958] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 368.013624][T12958] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.013652][T12958] __sock_sendmsg+0x21c/0x270 [ 368.013680][T12958] ____sys_sendmsg+0x505/0x830 [ 368.013717][T12958] ? __pfx_____sys_sendmsg+0x10/0x10 [ 368.013760][T12958] ? import_iovec+0x74/0xa0 [ 368.013786][T12958] ___sys_sendmsg+0x21f/0x2a0 [ 368.013820][T12958] ? __pfx____sys_sendmsg+0x10/0x10 [ 368.013893][T12958] ? __fget_files+0x2a/0x420 [ 368.013915][T12958] ? __fget_files+0x3a0/0x420 [ 368.013951][T12958] __x64_sys_sendmsg+0x19b/0x260 [ 368.013985][T12958] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 368.014028][T12958] ? __pfx_ksys_write+0x10/0x10 [ 368.014051][T12958] ? rcu_is_watching+0x15/0xb0 [ 368.014089][T12958] ? do_syscall_64+0xbe/0x3b0 [ 368.014116][T12958] do_syscall_64+0xfa/0x3b0 [ 368.014137][T12958] ? lockdep_hardirqs_on+0x9c/0x150 [ 368.014157][T12958] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.014177][T12958] ? clear_bhb_loop+0x60/0xb0 [ 368.014201][T12958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.014221][T12958] RIP: 0033:0x7fb413b8e929 [ 368.014240][T12958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.014306][T12958] RSP: 002b:00007fb414ad5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 368.014329][T12958] RAX: ffffffffffffffda RBX: 00007fb413db5fa0 RCX: 00007fb413b8e929 [ 368.014344][T12958] RDX: 0000000000000080 RSI: 0000200000000200 RDI: 0000000000000003 [ 368.014358][T12958] RBP: 00007fb414ad5090 R08: 0000000000000000 R09: 0000000000000000 [ 368.014371][T12958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 368.014383][T12958] R13: 0000000000000000 R14: 00007fb413db5fa0 R15: 00007ffde3adb618 [ 368.014417][T12958] [ 368.195978][ T9915] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.425854][T12976] FAULT_INJECTION: forcing a failure. [ 368.425854][T12976] name failslab, interval 1, probability 0, space 0, times 0 [ 368.440994][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 368.462232][T12976] CPU: 1 UID: 0 PID: 12976 Comm: syz.0.2443 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 368.462266][T12976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 368.462280][T12976] Call Trace: [ 368.462289][T12976] [ 368.462299][T12976] dump_stack_lvl+0x189/0x250 [ 368.462337][T12976] ? __pfx____ratelimit+0x10/0x10 [ 368.462359][T12976] ? __pfx_dump_stack_lvl+0x10/0x10 [ 368.462392][T12976] ? __pfx__printk+0x10/0x10 [ 368.462422][T12976] ? __pfx___might_resched+0x10/0x10 [ 368.462452][T12976] ? fs_reclaim_acquire+0x7d/0x100 [ 368.462483][T12976] should_fail_ex+0x414/0x560 [ 368.462515][T12976] ? rhashtable_init_noprof+0x4ee/0xbb0 [ 368.462545][T12976] should_failslab+0xa8/0x100 [ 368.462569][T12976] __kvmalloc_node_noprof+0x161/0x5f0 [ 368.462593][T12976] ? rhashtable_init_noprof+0x4ee/0xbb0 [ 368.462630][T12976] rhashtable_init_noprof+0x4ee/0xbb0 [ 368.462669][T12976] rhltable_init_noprof+0x1e/0x60 [ 368.462701][T12976] nf_tables_newtable+0x68f/0x1890 [ 368.462755][T12976] nfnetlink_rcv+0x112f/0x2520 [ 368.462813][T12976] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 368.462852][T12976] ? ref_tracker_free+0x63a/0x7d0 [ 368.462916][T12976] ? __netlink_deliver_tap+0x807/0x850 [ 368.462953][T12976] ? netlink_deliver_tap+0x2e/0x1b0 [ 368.462978][T12976] ? netlink_deliver_tap+0x2e/0x1b0 [ 368.463011][T12976] netlink_unicast+0x758/0x8d0 [ 368.463048][T12976] netlink_sendmsg+0x805/0xb30 [ 368.463085][T12976] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.463116][T12976] ? aa_sock_msg_perm+0x94/0x160 [ 368.463146][T12976] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 368.463172][T12976] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.463200][T12976] __sock_sendmsg+0x21c/0x270 [ 368.463233][T12976] ____sys_sendmsg+0x505/0x830 [ 368.463271][T12976] ? __pfx_____sys_sendmsg+0x10/0x10 [ 368.463313][T12976] ? import_iovec+0x74/0xa0 [ 368.463338][T12976] ___sys_sendmsg+0x21f/0x2a0 [ 368.463372][T12976] ? __pfx____sys_sendmsg+0x10/0x10 [ 368.463439][T12976] ? __fget_files+0x2a/0x420 [ 368.463462][T12976] ? __fget_files+0x3a0/0x420 [ 368.463495][T12976] __x64_sys_sendmsg+0x19b/0x260 [ 368.463527][T12976] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 368.463567][T12976] ? __pfx_ksys_write+0x10/0x10 [ 368.463583][T12976] ? rcu_is_watching+0x15/0xb0 [ 368.463619][T12976] ? do_syscall_64+0xbe/0x3b0 [ 368.463646][T12976] do_syscall_64+0xfa/0x3b0 [ 368.463667][T12976] ? lockdep_hardirqs_on+0x9c/0x150 [ 368.463686][T12976] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.463706][T12976] ? clear_bhb_loop+0x60/0xb0 [ 368.463731][T12976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.463751][T12976] RIP: 0033:0x7f686c98e929 [ 368.463770][T12976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.463787][T12976] RSP: 002b:00007f686d8c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 368.463807][T12976] RAX: ffffffffffffffda RBX: 00007f686cbb5fa0 RCX: 00007f686c98e929 [ 368.463823][T12976] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 368.463836][T12976] RBP: 00007f686d8c8090 R08: 0000000000000000 R09: 0000000000000000 [ 368.463849][T12976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 368.463860][T12976] R13: 0000000000000000 R14: 00007f686cbb5fa0 R15: 00007ffc61867f78 [ 368.463893][T12976] [ 368.464789][T12973] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2442'. [ 368.492467][ T9915] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 368.492505][ T9915] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.506770][T12971] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2442'. [ 368.597742][T12978] ip6t_REJECT: ECHOREPLY is not supported [ 368.617936][T12971] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2442'. [ 368.670768][T12981] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 369.074856][T12991] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 369.096175][T12993] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2450'. [ 369.123285][T12991] CPU: 0 UID: 0 PID: 12991 Comm: syz.2.2448 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 369.123320][T12991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 369.123334][T12991] Call Trace: [ 369.123344][T12991] [ 369.123354][T12991] dump_stack_lvl+0x189/0x250 [ 369.123398][T12991] ? __pfx_dump_stack_lvl+0x10/0x10 [ 369.123433][T12991] ? __pfx__printk+0x10/0x10 [ 369.123458][T12991] ? kernfs_path_from_node+0x2c/0x260 [ 369.123486][T12991] ? kernfs_path_from_node+0x2c/0x260 [ 369.123509][T12991] ? kernfs_path_from_node+0x2c/0x260 [ 369.123536][T12991] ? kernfs_path_from_node+0x22c/0x260 [ 369.123560][T12991] ? kernfs_path_from_node+0x2c/0x260 [ 369.123590][T12991] sysfs_warn_dup+0x8e/0xa0 [ 369.123614][T12991] sysfs_do_create_link_sd+0xc0/0x110 [ 369.123643][T12991] device_add_class_symlinks+0x1cf/0x240 [ 369.123673][T12991] device_add+0x475/0xb50 [ 369.123704][T12991] wiphy_register+0x199a/0x26b0 [ 369.123750][T12991] ? __pfx_wiphy_register+0x10/0x10 [ 369.123776][T12991] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 369.123814][T12991] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 369.123847][T12991] ieee80211_register_hw+0x33e1/0x4120 [ 369.123899][T12991] ? ieee80211_register_hw+0x13f1/0x4120 [ 369.123940][T12991] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 369.123976][T12991] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 369.124017][T12991] ? __hrtimer_setup+0x187/0x210 [ 369.124048][T12991] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 369.124081][T12991] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 369.124142][T12991] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 369.124181][T12991] ? trace_kmalloc+0x1f/0xd0 [ 369.124200][T12991] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 369.124222][T12991] ? kstrndup+0xbf/0x160 [ 369.124260][T12991] hwsim_new_radio_nl+0xea4/0x1b10 [ 369.124291][T12991] ? __pfx___nla_validate_parse+0x10/0x10 [ 369.124341][T12991] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 369.124383][T12991] ? __nla_parse+0x40/0x60 [ 369.124419][T12991] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 369.124451][T12991] genl_family_rcv_msg_doit+0x212/0x300 [ 369.124482][T12991] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 369.124531][T12991] ? bpf_lsm_capable+0x9/0x20 [ 369.124550][T12991] ? security_capable+0x7e/0x2e0 [ 369.124586][T12991] genl_rcv_msg+0x60e/0x790 [ 369.124628][T12991] ? __pfx_genl_rcv_msg+0x10/0x10 [ 369.124660][T12991] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 369.124704][T12991] netlink_rcv_skb+0x205/0x470 [ 369.124731][T12991] ? __pfx_genl_rcv_msg+0x10/0x10 [ 369.124764][T12991] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 369.124811][T12991] ? down_read+0x1ad/0x2e0 [ 369.124840][T12991] genl_rcv+0x28/0x40 [ 369.124871][T12991] netlink_unicast+0x758/0x8d0 [ 369.124909][T12991] netlink_sendmsg+0x805/0xb30 [ 369.124949][T12991] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.124982][T12991] ? aa_sock_msg_perm+0x94/0x160 [ 369.125013][T12991] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 369.125038][T12991] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.125065][T12991] __sock_sendmsg+0x21c/0x270 [ 369.125093][T12991] ____sys_sendmsg+0x505/0x830 [ 369.125130][T12991] ? __pfx_____sys_sendmsg+0x10/0x10 [ 369.125183][T12991] ? import_iovec+0x74/0xa0 [ 369.125211][T12991] ___sys_sendmsg+0x21f/0x2a0 [ 369.125247][T12991] ? __pfx____sys_sendmsg+0x10/0x10 [ 369.125323][T12991] ? __fget_files+0x2a/0x420 [ 369.125346][T12991] ? __fget_files+0x3a0/0x420 [ 369.125383][T12991] __x64_sys_sendmsg+0x19b/0x260 [ 369.125419][T12991] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 369.125463][T12991] ? rcu_is_watching+0x15/0xb0 [ 369.125502][T12991] ? do_syscall_64+0xbe/0x3b0 [ 369.125531][T12991] do_syscall_64+0xfa/0x3b0 [ 369.125553][T12991] ? lockdep_hardirqs_on+0x9c/0x150 [ 369.125574][T12991] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.125596][T12991] ? clear_bhb_loop+0x60/0xb0 [ 369.125622][T12991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.125643][T12991] RIP: 0033:0x7fb413b8e929 [ 369.125663][T12991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.125683][T12991] RSP: 002b:00007fb414ad5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 369.125706][T12991] RAX: ffffffffffffffda RBX: 00007fb413db5fa0 RCX: 00007fb413b8e929 [ 369.125723][T12991] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 369.125736][T12991] RBP: 00007fb413c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 369.125748][T12991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 369.125761][T12991] R13: 0000000000000000 R14: 00007fb413db5fa0 R15: 00007ffde3adb618 [ 369.125797][T12991] [ 369.603533][T12995] netlink: 'syz.4.2449': attribute type 11 has an invalid length. [ 369.892400][T13011] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 369.905092][T13011] CPU: 0 UID: 0 PID: 13011 Comm: syz.2.2454 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 369.905128][T13011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 369.905153][T13011] Call Trace: [ 369.905164][T13011] [ 369.905173][T13011] dump_stack_lvl+0x189/0x250 [ 369.905217][T13011] ? __pfx_dump_stack_lvl+0x10/0x10 [ 369.905252][T13011] ? __pfx__printk+0x10/0x10 [ 369.905277][T13011] ? kernfs_path_from_node+0x2c/0x260 [ 369.905303][T13011] ? kernfs_path_from_node+0x2c/0x260 [ 369.905325][T13011] ? kernfs_path_from_node+0x2c/0x260 [ 369.905352][T13011] ? kernfs_path_from_node+0x22c/0x260 [ 369.905375][T13011] ? kernfs_path_from_node+0x2c/0x260 [ 369.905405][T13011] sysfs_warn_dup+0x8e/0xa0 [ 369.905429][T13011] sysfs_do_create_link_sd+0xc0/0x110 [ 369.905457][T13011] device_add_class_symlinks+0x1cf/0x240 [ 369.905487][T13011] device_add+0x475/0xb50 [ 369.905516][T13011] wiphy_register+0x199a/0x26b0 [ 369.905576][T13011] ? __pfx_wiphy_register+0x10/0x10 [ 369.905602][T13011] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 369.905639][T13011] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 369.905675][T13011] ieee80211_register_hw+0x33e1/0x4120 [ 369.905727][T13011] ? ieee80211_register_hw+0x13f1/0x4120 [ 369.905768][T13011] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 369.905805][T13011] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 369.905872][T13011] ? __hrtimer_setup+0x187/0x210 [ 369.905902][T13011] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 369.905934][T13011] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 369.905996][T13011] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 369.906022][T13011] ? trace_kmalloc+0x1f/0xd0 [ 369.906039][T13011] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 369.906069][T13011] ? kstrndup+0xbf/0x160 [ 369.906107][T13011] hwsim_new_radio_nl+0xea4/0x1b10 [ 369.906139][T13011] ? __pfx___nla_validate_parse+0x10/0x10 [ 369.906197][T13011] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 369.906241][T13011] ? __nla_parse+0x40/0x60 [ 369.906277][T13011] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 369.906329][T13011] genl_family_rcv_msg_doit+0x212/0x300 [ 369.906378][T13011] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 369.906449][T13011] ? bpf_lsm_capable+0x9/0x20 [ 369.906470][T13011] ? security_capable+0x7e/0x2e0 [ 369.906516][T13011] genl_rcv_msg+0x60e/0x790 [ 369.906557][T13011] ? __pfx_genl_rcv_msg+0x10/0x10 [ 369.906588][T13011] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 369.906627][T13011] netlink_rcv_skb+0x205/0x470 [ 369.906656][T13011] ? __pfx_genl_rcv_msg+0x10/0x10 [ 369.906691][T13011] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 369.906739][T13011] ? down_read+0x1ad/0x2e0 [ 369.906766][T13011] genl_rcv+0x28/0x40 [ 369.906797][T13011] netlink_unicast+0x758/0x8d0 [ 369.906835][T13011] netlink_sendmsg+0x805/0xb30 [ 369.906874][T13011] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.906907][T13011] ? aa_sock_msg_perm+0x94/0x160 [ 369.906952][T13011] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 369.906993][T13011] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.907022][T13011] __sock_sendmsg+0x21c/0x270 [ 369.907051][T13011] ____sys_sendmsg+0x505/0x830 [ 369.907092][T13011] ? __pfx_____sys_sendmsg+0x10/0x10 [ 369.907135][T13011] ? import_iovec+0x74/0xa0 [ 369.907170][T13011] ___sys_sendmsg+0x21f/0x2a0 [ 369.907205][T13011] ? __pfx____sys_sendmsg+0x10/0x10 [ 369.907280][T13011] ? __fget_files+0x2a/0x420 [ 369.907304][T13011] ? __fget_files+0x3a0/0x420 [ 369.907342][T13011] __x64_sys_sendmsg+0x19b/0x260 [ 369.907377][T13011] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 369.907420][T13011] ? rcu_is_watching+0x15/0xb0 [ 369.907460][T13011] ? do_syscall_64+0xbe/0x3b0 [ 369.907486][T13011] do_syscall_64+0xfa/0x3b0 [ 369.907507][T13011] ? lockdep_hardirqs_on+0x9c/0x150 [ 369.907527][T13011] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.907549][T13011] ? clear_bhb_loop+0x60/0xb0 [ 369.907576][T13011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.907598][T13011] RIP: 0033:0x7fb413b8e929 [ 369.907618][T13011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.907637][T13011] RSP: 002b:00007fb414ad5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 369.907660][T13011] RAX: ffffffffffffffda RBX: 00007fb413db5fa0 RCX: 00007fb413b8e929 [ 369.907676][T13011] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 369.907690][T13011] RBP: 00007fb413c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 369.907703][T13011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 369.907716][T13011] R13: 0000000000000000 R14: 00007fb413db5fa0 R15: 00007ffde3adb618 [ 369.907752][T13011] [ 370.625880][T13023] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2460'. [ 370.656764][T13028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2460'. [ 370.665804][T13028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2460'. [ 370.952892][T13044] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 371.307184][T13059] tipc: Enabling of bearer rejected, already enabled [ 372.502670][T13083] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 372.519637][T13083] CPU: 0 UID: 0 PID: 13083 Comm: syz.0.2478 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 372.519673][T13083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 372.519688][T13083] Call Trace: [ 372.519697][T13083] [ 372.519707][T13083] dump_stack_lvl+0x189/0x250 [ 372.519750][T13083] ? __pfx_dump_stack_lvl+0x10/0x10 [ 372.519783][T13083] ? __pfx__printk+0x10/0x10 [ 372.519806][T13083] ? kernfs_path_from_node+0x2c/0x260 [ 372.519833][T13083] ? kernfs_path_from_node+0x2c/0x260 [ 372.519855][T13083] ? kernfs_path_from_node+0x2c/0x260 [ 372.519883][T13083] ? kernfs_path_from_node+0x22c/0x260 [ 372.519906][T13083] ? kernfs_path_from_node+0x2c/0x260 [ 372.519960][T13083] sysfs_warn_dup+0x8e/0xa0 [ 372.519984][T13083] sysfs_do_create_link_sd+0xc0/0x110 [ 372.520011][T13083] device_add_class_symlinks+0x1cf/0x240 [ 372.520042][T13083] device_add+0x475/0xb50 [ 372.520071][T13083] wiphy_register+0x199a/0x26b0 [ 372.520116][T13083] ? __pfx_wiphy_register+0x10/0x10 [ 372.520142][T13083] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 372.520181][T13083] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 372.520217][T13083] ieee80211_register_hw+0x33e1/0x4120 [ 372.520268][T13083] ? ieee80211_register_hw+0x13f1/0x4120 [ 372.520311][T13083] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 372.520348][T13083] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 372.520391][T13083] ? __hrtimer_setup+0x187/0x210 [ 372.520423][T13083] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 372.520457][T13083] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 372.520520][T13083] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 372.520545][T13083] ? trace_kmalloc+0x1f/0xd0 [ 372.520562][T13083] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 372.520584][T13083] ? kstrndup+0xbf/0x160 [ 372.520622][T13083] hwsim_new_radio_nl+0xea4/0x1b10 [ 372.520650][T13083] ? __pfx___nla_validate_parse+0x10/0x10 [ 372.520699][T13083] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 372.520741][T13083] ? __nla_parse+0x40/0x60 [ 372.520777][T13083] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 372.520810][T13083] genl_family_rcv_msg_doit+0x212/0x300 [ 372.520840][T13083] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 372.520889][T13083] ? bpf_lsm_capable+0x9/0x20 [ 372.520916][T13083] ? security_capable+0x7e/0x2e0 [ 372.520953][T13083] genl_rcv_msg+0x60e/0x790 [ 372.520994][T13083] ? __pfx_genl_rcv_msg+0x10/0x10 [ 372.521027][T13083] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 372.521068][T13083] netlink_rcv_skb+0x205/0x470 [ 372.521097][T13083] ? __pfx_genl_rcv_msg+0x10/0x10 [ 372.521132][T13083] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 372.521180][T13083] ? down_read+0x1ad/0x2e0 [ 372.521208][T13083] genl_rcv+0x28/0x40 [ 372.521238][T13083] netlink_unicast+0x758/0x8d0 [ 372.521277][T13083] netlink_sendmsg+0x805/0xb30 [ 372.521317][T13083] ? __pfx_netlink_sendmsg+0x10/0x10 [ 372.521349][T13083] ? aa_sock_msg_perm+0x94/0x160 [ 372.521380][T13083] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 372.521407][T13083] ? __pfx_netlink_sendmsg+0x10/0x10 [ 372.521436][T13083] __sock_sendmsg+0x21c/0x270 [ 372.521465][T13083] ____sys_sendmsg+0x505/0x830 [ 372.521505][T13083] ? __pfx_____sys_sendmsg+0x10/0x10 [ 372.521549][T13083] ? import_iovec+0x74/0xa0 [ 372.521576][T13083] ___sys_sendmsg+0x21f/0x2a0 [ 372.521611][T13083] ? __pfx____sys_sendmsg+0x10/0x10 [ 372.521689][T13083] ? __fget_files+0x2a/0x420 [ 372.521713][T13083] ? __fget_files+0x3a0/0x420 [ 372.521749][T13083] __x64_sys_sendmsg+0x19b/0x260 [ 372.521785][T13083] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 372.521838][T13083] ? rcu_is_watching+0x15/0xb0 [ 372.521878][T13083] ? do_syscall_64+0xbe/0x3b0 [ 372.521913][T13083] do_syscall_64+0xfa/0x3b0 [ 372.521935][T13083] ? lockdep_hardirqs_on+0x9c/0x150 [ 372.521955][T13083] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.521977][T13083] ? clear_bhb_loop+0x60/0xb0 [ 372.522005][T13083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.522027][T13083] RIP: 0033:0x7f686c98e929 [ 372.522049][T13083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.522067][T13083] RSP: 002b:00007f686d8c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 372.522091][T13083] RAX: ffffffffffffffda RBX: 00007f686cbb5fa0 RCX: 00007f686c98e929 [ 372.522107][T13083] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 372.522122][T13083] RBP: 00007f686ca10b39 R08: 0000000000000000 R09: 0000000000000000 [ 372.522136][T13083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.522149][T13083] R13: 0000000000000000 R14: 00007f686cbb5fa0 R15: 00007ffc61867f78 [ 372.522185][T13083] [ 373.099554][T13085] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 373.116684][T13095] __nla_validate_parse: 5 callbacks suppressed [ 373.116710][T13095] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2481'. [ 373.145852][T13085] CPU: 0 UID: 0 PID: 13085 Comm: syz.3.2479 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 373.145888][T13085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 373.145903][T13085] Call Trace: [ 373.145914][T13085] [ 373.145925][T13085] dump_stack_lvl+0x189/0x250 [ 373.145971][T13085] ? __pfx_dump_stack_lvl+0x10/0x10 [ 373.146005][T13085] ? __pfx__printk+0x10/0x10 [ 373.146031][T13085] ? kernfs_path_from_node+0x2c/0x260 [ 373.146057][T13085] ? kernfs_path_from_node+0x2c/0x260 [ 373.146082][T13085] ? kernfs_path_from_node+0x2c/0x260 [ 373.146109][T13085] ? kernfs_path_from_node+0x22c/0x260 [ 373.146133][T13085] ? kernfs_path_from_node+0x2c/0x260 [ 373.146161][T13085] sysfs_warn_dup+0x8e/0xa0 [ 373.146186][T13085] sysfs_do_create_link_sd+0xc0/0x110 [ 373.146215][T13085] device_add_class_symlinks+0x1cf/0x240 [ 373.146245][T13085] device_add+0x475/0xb50 [ 373.146275][T13085] wiphy_register+0x199a/0x26b0 [ 373.146322][T13085] ? __pfx_wiphy_register+0x10/0x10 [ 373.146348][T13085] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 373.146385][T13085] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 373.146425][T13085] ieee80211_register_hw+0x33e1/0x4120 [ 373.146477][T13085] ? ieee80211_register_hw+0x13f1/0x4120 [ 373.146520][T13085] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 373.146557][T13085] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 373.146611][T13085] ? __hrtimer_setup+0x187/0x210 [ 373.146642][T13085] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 373.146675][T13085] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 373.146737][T13085] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 373.146760][T13085] ? trace_kmalloc+0x1f/0xd0 [ 373.146776][T13085] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 373.146799][T13085] ? kstrndup+0xbf/0x160 [ 373.146837][T13085] hwsim_new_radio_nl+0xea4/0x1b10 [ 373.146867][T13085] ? __pfx___nla_validate_parse+0x10/0x10 [ 373.146915][T13085] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 373.146945][T13085] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 373.146978][T13085] ? __nla_parse+0x40/0x60 [ 373.147014][T13085] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 373.147046][T13085] genl_family_rcv_msg_doit+0x212/0x300 [ 373.147076][T13085] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 373.147127][T13085] ? bpf_lsm_capable+0x9/0x20 [ 373.147147][T13085] ? security_capable+0x7e/0x2e0 [ 373.147183][T13085] genl_rcv_msg+0x60e/0x790 [ 373.147226][T13085] ? __pfx_genl_rcv_msg+0x10/0x10 [ 373.147258][T13085] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 373.147303][T13085] netlink_rcv_skb+0x205/0x470 [ 373.147331][T13085] ? __pfx_genl_rcv_msg+0x10/0x10 [ 373.147367][T13085] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 373.147417][T13085] ? down_read+0x1ad/0x2e0 [ 373.147445][T13085] genl_rcv+0x28/0x40 [ 373.147476][T13085] netlink_unicast+0x758/0x8d0 [ 373.147515][T13085] netlink_sendmsg+0x805/0xb30 [ 373.147553][T13085] ? __pfx_netlink_sendmsg+0x10/0x10 [ 373.147594][T13085] ? aa_sock_msg_perm+0x94/0x160 [ 373.147625][T13085] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 373.147652][T13085] ? __pfx_netlink_sendmsg+0x10/0x10 [ 373.147682][T13085] __sock_sendmsg+0x21c/0x270 [ 373.147712][T13085] ____sys_sendmsg+0x505/0x830 [ 373.147751][T13085] ? __pfx_____sys_sendmsg+0x10/0x10 [ 373.147795][T13085] ? import_iovec+0x74/0xa0 [ 373.147822][T13085] ___sys_sendmsg+0x21f/0x2a0 [ 373.147857][T13085] ? __pfx____sys_sendmsg+0x10/0x10 [ 373.147935][T13085] ? __fget_files+0x2a/0x420 [ 373.147959][T13085] ? __fget_files+0x3a0/0x420 [ 373.147997][T13085] __x64_sys_sendmsg+0x19b/0x260 [ 373.148033][T13085] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 373.148078][T13085] ? rcu_is_watching+0x15/0xb0 [ 373.148119][T13085] ? do_syscall_64+0xbe/0x3b0 [ 373.148147][T13085] do_syscall_64+0xfa/0x3b0 [ 373.148169][T13085] ? lockdep_hardirqs_on+0x9c/0x150 [ 373.148190][T13085] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.148212][T13085] ? clear_bhb_loop+0x60/0xb0 [ 373.148239][T13085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.148260][T13085] RIP: 0033:0x7f7b3558e929 [ 373.148282][T13085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.148302][T13085] RSP: 002b:00007f7b363ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 373.148327][T13085] RAX: ffffffffffffffda RBX: 00007f7b357b5fa0 RCX: 00007f7b3558e929 [ 373.148343][T13085] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 373.148357][T13085] RBP: 00007f7b35610b39 R08: 0000000000000000 R09: 0000000000000000 [ 373.148371][T13085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.148384][T13085] R13: 0000000000000000 R14: 00007f7b357b5fa0 R15: 00007ffd9a6e7d48 [ 373.148420][T13085] [ 374.070919][T13110] tipc: Enabling of bearer rejected, already enabled [ 375.097851][T13134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2494'. [ 375.765808][T13157] tipc: New replicast peer: 255.255.255.255 [ 375.797366][T13157] tipc: Enabled bearer , priority 10 [ 376.706711][T13170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2507'. [ 376.757207][T13170] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 377.154619][T13196] tipc: Enabling of bearer rejected, already enabled [ 377.256309][T13198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2517'. [ 378.203337][T13219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'. [ 378.250423][T13219] netlink: 312 bytes leftover after parsing attributes in process `syz.2.2525'. [ 378.265716][T13212] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2524'. [ 378.316803][T13219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'. [ 378.391642][T13228] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 378.428148][T13228] CPU: 1 UID: 0 PID: 13228 Comm: syz.3.2527 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 378.428186][T13228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 378.428200][T13228] Call Trace: [ 378.428210][T13228] [ 378.428221][T13228] dump_stack_lvl+0x189/0x250 [ 378.428266][T13228] ? __pfx_dump_stack_lvl+0x10/0x10 [ 378.428301][T13228] ? __pfx__printk+0x10/0x10 [ 378.428327][T13228] ? kernfs_path_from_node+0x2c/0x260 [ 378.428354][T13228] ? kernfs_path_from_node+0x2c/0x260 [ 378.428378][T13228] ? kernfs_path_from_node+0x2c/0x260 [ 378.428406][T13228] ? kernfs_path_from_node+0x22c/0x260 [ 378.428429][T13228] ? kernfs_path_from_node+0x2c/0x260 [ 378.428459][T13228] sysfs_warn_dup+0x8e/0xa0 [ 378.428484][T13228] sysfs_do_create_link_sd+0xc0/0x110 [ 378.428513][T13228] device_add_class_symlinks+0x1cf/0x240 [ 378.428543][T13228] device_add+0x475/0xb50 [ 378.428572][T13228] wiphy_register+0x199a/0x26b0 [ 378.428619][T13228] ? __pfx_wiphy_register+0x10/0x10 [ 378.428645][T13228] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 378.428687][T13228] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 378.428722][T13228] ieee80211_register_hw+0x33e1/0x4120 [ 378.428774][T13228] ? ieee80211_register_hw+0x13f1/0x4120 [ 378.428815][T13228] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 378.428852][T13228] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 378.428895][T13228] ? __hrtimer_setup+0x187/0x210 [ 378.428927][T13228] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 378.428961][T13228] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 378.429032][T13228] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 378.429058][T13228] ? trace_kmalloc+0x1f/0xd0 [ 378.429075][T13228] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 378.429098][T13228] ? kstrndup+0xbf/0x160 [ 378.429138][T13228] hwsim_new_radio_nl+0xea4/0x1b10 [ 378.429168][T13228] ? __pfx___nla_validate_parse+0x10/0x10 [ 378.429218][T13228] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 378.429260][T13228] ? __nla_parse+0x40/0x60 [ 378.429296][T13228] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 378.429329][T13228] genl_family_rcv_msg_doit+0x212/0x300 [ 378.429359][T13228] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 378.429408][T13228] ? bpf_lsm_capable+0x9/0x20 [ 378.429428][T13228] ? security_capable+0x7e/0x2e0 [ 378.429464][T13228] genl_rcv_msg+0x60e/0x790 [ 378.429506][T13228] ? __pfx_genl_rcv_msg+0x10/0x10 [ 378.429539][T13228] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 378.429583][T13228] netlink_rcv_skb+0x205/0x470 [ 378.429612][T13228] ? __pfx_genl_rcv_msg+0x10/0x10 [ 378.429647][T13228] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 378.429696][T13228] ? down_read+0x1ad/0x2e0 [ 378.429724][T13228] genl_rcv+0x28/0x40 [ 378.429755][T13228] netlink_unicast+0x758/0x8d0 [ 378.429794][T13228] netlink_sendmsg+0x805/0xb30 [ 378.429835][T13228] ? __pfx_netlink_sendmsg+0x10/0x10 [ 378.429867][T13228] ? aa_sock_msg_perm+0x94/0x160 [ 378.429899][T13228] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 378.429925][T13228] ? __pfx_netlink_sendmsg+0x10/0x10 [ 378.429955][T13228] __sock_sendmsg+0x21c/0x270 [ 378.429984][T13228] ____sys_sendmsg+0x505/0x830 [ 378.430032][T13228] ? __pfx_____sys_sendmsg+0x10/0x10 [ 378.430076][T13228] ? import_iovec+0x74/0xa0 [ 378.430102][T13228] ___sys_sendmsg+0x21f/0x2a0 [ 378.430138][T13228] ? __pfx____sys_sendmsg+0x10/0x10 [ 378.430217][T13228] ? __fget_files+0x2a/0x420 [ 378.430241][T13228] ? __fget_files+0x3a0/0x420 [ 378.430278][T13228] __x64_sys_sendmsg+0x19b/0x260 [ 378.430314][T13228] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 378.430359][T13228] ? rcu_is_watching+0x15/0xb0 [ 378.430399][T13228] ? do_syscall_64+0xbe/0x3b0 [ 378.430427][T13228] do_syscall_64+0xfa/0x3b0 [ 378.430448][T13228] ? lockdep_hardirqs_on+0x9c/0x150 [ 378.430469][T13228] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.430491][T13228] ? clear_bhb_loop+0x60/0xb0 [ 378.430518][T13228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.430539][T13228] RIP: 0033:0x7f7b3558e929 [ 378.430560][T13228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.430580][T13228] RSP: 002b:00007f7b363ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 378.430605][T13228] RAX: ffffffffffffffda RBX: 00007f7b357b5fa0 RCX: 00007f7b3558e929 [ 378.430622][T13228] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 378.430637][T13228] RBP: 00007f7b35610b39 R08: 0000000000000000 R09: 0000000000000000 [ 378.430651][T13228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.430665][T13228] R13: 0000000000000000 R14: 00007f7b357b5fa0 R15: 00007ffd9a6e7d48 [ 378.430701][T13228] [ 378.892216][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.918816][T13232] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2528'. [ 379.030131][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.036868][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.122911][T13238] netlink: 'syz.2.2530': attribute type 29 has an invalid length. [ 379.139454][T13238] netlink: 'syz.2.2530': attribute type 29 has an invalid length. [ 379.149017][T13238] netlink: 500 bytes leftover after parsing attributes in process `syz.2.2530'. [ 379.296929][T13251] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2534'. [ 379.322477][T13252] FAULT_INJECTION: forcing a failure. [ 379.322477][T13252] name failslab, interval 1, probability 0, space 0, times 0 [ 379.335293][T13252] CPU: 1 UID: 0 PID: 13252 Comm: syz.3.2536 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 379.335321][T13252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 379.335332][T13252] Call Trace: [ 379.335340][T13252] [ 379.335348][T13252] dump_stack_lvl+0x189/0x250 [ 379.335380][T13252] ? __pfx____ratelimit+0x10/0x10 [ 379.335398][T13252] ? __pfx_dump_stack_lvl+0x10/0x10 [ 379.335425][T13252] ? __pfx__printk+0x10/0x10 [ 379.335448][T13252] ? __pfx___might_resched+0x10/0x10 [ 379.335474][T13252] ? fs_reclaim_acquire+0x7d/0x100 [ 379.335499][T13252] should_fail_ex+0x414/0x560 [ 379.335526][T13252] should_failslab+0xa8/0x100 [ 379.335546][T13252] __kmalloc_cache_noprof+0x70/0x3d0 [ 379.335562][T13252] ? nf_tables_newchain+0x1d01/0x2900 [ 379.335593][T13252] nf_tables_newchain+0x1d01/0x2900 [ 379.335631][T13252] ? __pfx_nf_tables_newchain+0x10/0x10 [ 379.335685][T13252] ? nfnl_pernet+0x23/0x240 [ 379.335710][T13252] ? __nla_parse+0x40/0x60 [ 379.335739][T13252] nfnetlink_rcv+0x112f/0x2520 [ 379.335783][T13252] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 379.335813][T13252] ? ref_tracker_free+0x63a/0x7d0 [ 379.335871][T13252] ? __netlink_deliver_tap+0x807/0x850 [ 379.335901][T13252] ? netlink_deliver_tap+0x2e/0x1b0 [ 379.335921][T13252] ? netlink_deliver_tap+0x2e/0x1b0 [ 379.335947][T13252] netlink_unicast+0x758/0x8d0 [ 379.335976][T13252] netlink_sendmsg+0x805/0xb30 [ 379.336006][T13252] ? __pfx_netlink_sendmsg+0x10/0x10 [ 379.336031][T13252] ? aa_sock_msg_perm+0x94/0x160 [ 379.336055][T13252] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 379.336076][T13252] ? __pfx_netlink_sendmsg+0x10/0x10 [ 379.336099][T13252] __sock_sendmsg+0x21c/0x270 [ 379.336123][T13252] ____sys_sendmsg+0x505/0x830 [ 379.336154][T13252] ? __pfx_____sys_sendmsg+0x10/0x10 [ 379.336187][T13252] ? import_iovec+0x74/0xa0 [ 379.336207][T13252] ___sys_sendmsg+0x21f/0x2a0 [ 379.336235][T13252] ? __pfx____sys_sendmsg+0x10/0x10 [ 379.336291][T13252] ? __fget_files+0x2a/0x420 [ 379.336309][T13252] ? __fget_files+0x3a0/0x420 [ 379.336338][T13252] __x64_sys_sendmsg+0x19b/0x260 [ 379.336367][T13252] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 379.336407][T13252] ? __pfx_ksys_write+0x10/0x10 [ 379.336423][T13252] ? rcu_is_watching+0x15/0xb0 [ 379.336460][T13252] ? do_syscall_64+0xbe/0x3b0 [ 379.336487][T13252] do_syscall_64+0xfa/0x3b0 [ 379.336507][T13252] ? lockdep_hardirqs_on+0x9c/0x150 [ 379.336527][T13252] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.336548][T13252] ? clear_bhb_loop+0x60/0xb0 [ 379.336574][T13252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.336594][T13252] RIP: 0033:0x7f7b3558e929 [ 379.336614][T13252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.336631][T13252] RSP: 002b:00007f7b363ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 379.336653][T13252] RAX: ffffffffffffffda RBX: 00007f7b357b5fa0 RCX: 00007f7b3558e929 [ 379.336669][T13252] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 379.336683][T13252] RBP: 00007f7b363ac090 R08: 0000000000000000 R09: 0000000000000000 [ 379.336696][T13252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 379.336709][T13252] R13: 0000000000000000 R14: 00007f7b357b5fa0 R15: 00007ffd9a6e7d48 [ 379.336742][T13252] [ 379.714987][T13255] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2538'. [ 379.774511][T13257] tipc: Enabling of bearer rejected, already enabled [ 380.013979][T13261] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2533'. [ 380.242568][T13269] netlink: 'syz.3.2540': attribute type 10 has an invalid length. [ 380.258563][T13269] team0: Device ipvlan1 failed to register rx_handler [ 380.457070][T13279] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 380.763196][T13292] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2544'. [ 380.847018][T13296] xt_bpf: check failed: parse error [ 381.046827][T13307] tipc: Enabling of bearer rejected, already enabled [ 382.157657][ T13] syzkaller0: tun_net_xmit 76 [ 382.158531][T13332] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 382.162673][ T13] syzkaller0: tun_net_xmit 48 [ 382.186755][ T43] syzkaller0: tun_net_xmit 76 [ 382.950104][T13364] vxcan1: tx address claim with dest, not broadcast [ 383.228626][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 384.273755][T13349] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 384.293353][T13366] netlink: 'syz.1.2574': attribute type 29 has an invalid length. [ 384.312073][T13347] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 384.351191][T13347] CPU: 1 UID: 0 PID: 13347 Comm: syz.4.2568 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 384.351225][T13347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 384.351238][T13347] Call Trace: [ 384.351248][T13347] [ 384.351258][T13347] dump_stack_lvl+0x189/0x250 [ 384.351302][T13347] ? __pfx_dump_stack_lvl+0x10/0x10 [ 384.351336][T13347] ? __pfx__printk+0x10/0x10 [ 384.351360][T13347] ? kernfs_path_from_node+0x2c/0x260 [ 384.351388][T13347] ? kernfs_path_from_node+0x2c/0x260 [ 384.351417][T13347] ? kernfs_path_from_node+0x2c/0x260 [ 384.351446][T13347] ? kernfs_path_from_node+0x22c/0x260 [ 384.351468][T13347] ? kernfs_path_from_node+0x2c/0x260 [ 384.351497][T13347] sysfs_warn_dup+0x8e/0xa0 [ 384.351521][T13347] sysfs_do_create_link_sd+0xc0/0x110 [ 384.351548][T13347] device_add_class_symlinks+0x1cf/0x240 [ 384.351578][T13347] device_add+0x475/0xb50 [ 384.351615][T13347] wiphy_register+0x199a/0x26b0 [ 384.351659][T13347] ? __pfx_wiphy_register+0x10/0x10 [ 384.351683][T13347] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 384.351719][T13347] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 384.351752][T13347] ieee80211_register_hw+0x33e1/0x4120 [ 384.351801][T13347] ? ieee80211_register_hw+0x13f1/0x4120 [ 384.351840][T13347] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 384.351874][T13347] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 384.351914][T13347] ? __hrtimer_setup+0x187/0x210 [ 384.351944][T13347] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 384.351976][T13347] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 384.352036][T13347] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 384.352060][T13347] ? trace_kmalloc+0x1f/0xd0 [ 384.352077][T13347] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 384.352097][T13347] ? kstrndup+0xbf/0x160 [ 384.352134][T13347] hwsim_new_radio_nl+0xea4/0x1b10 [ 384.352165][T13347] ? __pfx___nla_validate_parse+0x10/0x10 [ 384.352228][T13347] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 384.352270][T13347] ? __nla_parse+0x40/0x60 [ 384.352306][T13347] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 384.352336][T13347] genl_family_rcv_msg_doit+0x212/0x300 [ 384.352365][T13347] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 384.352415][T13347] ? bpf_lsm_capable+0x9/0x20 [ 384.352436][T13347] ? security_capable+0x7e/0x2e0 [ 384.352472][T13347] genl_rcv_msg+0x60e/0x790 [ 384.352515][T13347] ? __pfx_genl_rcv_msg+0x10/0x10 [ 384.352547][T13347] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 384.352591][T13347] netlink_rcv_skb+0x205/0x470 [ 384.352627][T13347] ? __pfx_genl_rcv_msg+0x10/0x10 [ 384.352664][T13347] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 384.352713][T13347] ? down_read+0x1ad/0x2e0 [ 384.352742][T13347] genl_rcv+0x28/0x40 [ 384.352772][T13347] netlink_unicast+0x758/0x8d0 [ 384.352811][T13347] netlink_sendmsg+0x805/0xb30 [ 384.352850][T13347] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.352883][T13347] ? aa_sock_msg_perm+0x94/0x160 [ 384.352913][T13347] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 384.352940][T13347] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.352969][T13347] __sock_sendmsg+0x21c/0x270 [ 384.352998][T13347] ____sys_sendmsg+0x505/0x830 [ 384.353038][T13347] ? __pfx_____sys_sendmsg+0x10/0x10 [ 384.353082][T13347] ? import_iovec+0x74/0xa0 [ 384.353108][T13347] ___sys_sendmsg+0x21f/0x2a0 [ 384.353143][T13347] ? __pfx____sys_sendmsg+0x10/0x10 [ 384.353218][T13347] ? __fget_files+0x2a/0x420 [ 384.353241][T13347] ? __fget_files+0x3a0/0x420 [ 384.353279][T13347] __x64_sys_sendmsg+0x19b/0x260 [ 384.353314][T13347] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 384.353358][T13347] ? rcu_is_watching+0x15/0xb0 [ 384.353399][T13347] ? do_syscall_64+0xbe/0x3b0 [ 384.353427][T13347] do_syscall_64+0xfa/0x3b0 [ 384.353448][T13347] ? lockdep_hardirqs_on+0x9c/0x150 [ 384.353469][T13347] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.353490][T13347] ? clear_bhb_loop+0x60/0xb0 [ 384.353517][T13347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.353538][T13347] RIP: 0033:0x7f19a8f8e929 [ 384.353560][T13347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 384.353580][T13347] RSP: 002b:00007f19a9e38038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 384.353611][T13347] RAX: ffffffffffffffda RBX: 00007f19a91b5fa0 RCX: 00007f19a8f8e929 [ 384.353628][T13347] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 384.353647][T13347] RBP: 00007f19a9010b39 R08: 0000000000000000 R09: 0000000000000000 [ 384.353662][T13347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.353675][T13347] R13: 0000000000000000 R14: 00007f19a91b5fa0 R15: 00007ffe42fd0838 [ 384.353712][T13347] [ 384.828500][T13375] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 384.840448][T13375] CPU: 0 UID: 0 PID: 13375 Comm: syz.3.2577 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 384.840483][T13375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 384.840498][T13375] Call Trace: [ 384.840509][T13375] [ 384.840520][T13375] dump_stack_lvl+0x189/0x250 [ 384.840566][T13375] ? __pfx_dump_stack_lvl+0x10/0x10 [ 384.840601][T13375] ? __pfx__printk+0x10/0x10 [ 384.840625][T13375] ? kernfs_path_from_node+0x2c/0x260 [ 384.840652][T13375] ? kernfs_path_from_node+0x2c/0x260 [ 384.840675][T13375] ? kernfs_path_from_node+0x2c/0x260 [ 384.840703][T13375] ? kernfs_path_from_node+0x22c/0x260 [ 384.840726][T13375] ? kernfs_path_from_node+0x2c/0x260 [ 384.840755][T13375] sysfs_warn_dup+0x8e/0xa0 [ 384.840780][T13375] sysfs_do_create_link_sd+0xc0/0x110 [ 384.840809][T13375] device_add_class_symlinks+0x1cf/0x240 [ 384.840839][T13375] device_add+0x475/0xb50 [ 384.840869][T13375] wiphy_register+0x199a/0x26b0 [ 384.840917][T13375] ? __pfx_wiphy_register+0x10/0x10 [ 384.840942][T13375] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 384.840979][T13375] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 384.841015][T13375] ieee80211_register_hw+0x33e1/0x4120 [ 384.841068][T13375] ? ieee80211_register_hw+0x13f1/0x4120 [ 384.841110][T13375] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 384.841147][T13375] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 384.841190][T13375] ? __hrtimer_setup+0x187/0x210 [ 384.841221][T13375] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 384.841256][T13375] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 384.841325][T13375] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 384.841350][T13375] ? trace_kmalloc+0x1f/0xd0 [ 384.841368][T13375] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 384.841390][T13375] ? kstrndup+0xbf/0x160 [ 384.841429][T13375] hwsim_new_radio_nl+0xea4/0x1b10 [ 384.841459][T13375] ? __pfx___nla_validate_parse+0x10/0x10 [ 384.841508][T13375] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 384.841549][T13375] ? __nla_parse+0x40/0x60 [ 384.841586][T13375] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 384.841618][T13375] genl_family_rcv_msg_doit+0x212/0x300 [ 384.841648][T13375] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 384.841698][T13375] ? bpf_lsm_capable+0x9/0x20 [ 384.841717][T13375] ? security_capable+0x7e/0x2e0 [ 384.841754][T13375] genl_rcv_msg+0x60e/0x790 [ 384.841796][T13375] ? __pfx_genl_rcv_msg+0x10/0x10 [ 384.841831][T13375] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 384.841876][T13375] netlink_rcv_skb+0x205/0x470 [ 384.841904][T13375] ? __pfx_genl_rcv_msg+0x10/0x10 [ 384.841939][T13375] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 384.841987][T13375] ? down_read+0x1ad/0x2e0 [ 384.842014][T13375] genl_rcv+0x28/0x40 [ 384.842045][T13375] netlink_unicast+0x758/0x8d0 [ 384.842084][T13375] netlink_sendmsg+0x805/0xb30 [ 384.842124][T13375] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.842156][T13375] ? aa_sock_msg_perm+0x94/0x160 [ 384.842187][T13375] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 384.842213][T13375] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.842242][T13375] __sock_sendmsg+0x21c/0x270 [ 384.842271][T13375] ____sys_sendmsg+0x505/0x830 [ 384.842318][T13375] ? __pfx_____sys_sendmsg+0x10/0x10 [ 384.842362][T13375] ? import_iovec+0x74/0xa0 [ 384.842390][T13375] ___sys_sendmsg+0x21f/0x2a0 [ 384.842426][T13375] ? __pfx____sys_sendmsg+0x10/0x10 [ 384.842502][T13375] ? __fget_files+0x2a/0x420 [ 384.842525][T13375] ? __fget_files+0x3a0/0x420 [ 384.842563][T13375] __x64_sys_sendmsg+0x19b/0x260 [ 384.842597][T13375] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 384.842642][T13375] ? rcu_is_watching+0x15/0xb0 [ 384.842679][T13375] ? do_syscall_64+0xbe/0x3b0 [ 384.842704][T13375] do_syscall_64+0xfa/0x3b0 [ 384.842724][T13375] ? lockdep_hardirqs_on+0x9c/0x150 [ 384.842745][T13375] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.842767][T13375] ? clear_bhb_loop+0x60/0xb0 [ 384.842801][T13375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.842822][T13375] RIP: 0033:0x7f7b3558e929 [ 384.842844][T13375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 384.842863][T13375] RSP: 002b:00007f7b363ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 384.842887][T13375] RAX: ffffffffffffffda RBX: 00007f7b357b5fa0 RCX: 00007f7b3558e929 [ 384.842903][T13375] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 384.842918][T13375] RBP: 00007f7b35610b39 R08: 0000000000000000 R09: 0000000000000000 [ 384.842931][T13375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.842945][T13375] R13: 0000000000000000 R14: 00007f7b357b5fa0 R15: 00007ffd9a6e7d48 [ 384.842981][T13375] [ 385.733632][T13405] vxcan1: tx address claim with dest, not broadcast [ 385.984881][T13419] __nla_validate_parse: 6 callbacks suppressed [ 385.984906][T13419] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2591'. [ 386.436946][T13439] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2598'. [ 386.537719][T13437] xt_CT: No such helper "snmp" [ 386.869581][T13457] netlink: 'syz.3.2605': attribute type 10 has an invalid length. [ 386.916693][T13457] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 386.937161][T13457] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 386.949877][T13462] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2608'. [ 386.966754][T13457] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 386.987911][T13456] C: renamed from lo [ 386.996161][T13456] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 387.254997][T13472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2611'. [ 387.276957][T13472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2611'. [ 387.292087][T13475] netlink: 'syz.1.2613': attribute type 29 has an invalid length. [ 387.302296][T13475] netlink: 'syz.1.2613': attribute type 29 has an invalid length. [ 387.317172][T13472] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2611'. [ 387.318616][T13475] netlink: 500 bytes leftover after parsing attributes in process `syz.1.2613'. [ 387.831577][T13497] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2620'. [ 387.852685][T13496] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2618'. [ 387.866770][T13496] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2618'. [ 388.286287][T13518] netlink: 'syz.2.2626': attribute type 83 has an invalid length. [ 388.444787][T13525] netlink: 'syz.3.2633': attribute type 29 has an invalid length. [ 388.468239][T13525] netlink: 'syz.3.2633': attribute type 29 has an invalid length. [ 388.598927][T13533] xt_bpf: check failed: parse error [ 389.314814][T13544] vlan0: left promiscuous mode [ 389.464441][T13544] mac80211_hwsim hwsim5 wlan0: left allmulticast mode [ 389.482658][T13544] macsec1: left promiscuous mode [ 389.490034][T13544] macsec1: left allmulticast mode [ 389.501315][T13544] veth3: left promiscuous mode [ 389.507930][T13544] bond2: left promiscuous mode [ 389.552205][T13554] vlan1: entered promiscuous mode [ 389.638171][ T1109] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.668538][ T1109] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.680957][ T1109] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.695855][ T1109] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.835750][T13577] openvswitch: netlink: Duplicate or invalid key (type 0). [ 389.862250][T13577] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 390.706288][T13622] tipc: Enabling of bearer rejected, already enabled [ 391.675410][T13629] __nla_validate_parse: 17 callbacks suppressed [ 391.675434][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2669'. [ 391.709523][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2669'. [ 391.747497][T13629] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2669'. [ 391.795798][T13631] vlan0: entered promiscuous mode [ 392.040839][T13645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2674'. [ 392.051863][T13645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2674'. [ 392.121635][T13645] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2674'. [ 392.158428][T13655] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2678'. [ 392.176445][T13655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2678'. [ 392.299393][T13664] netlink: 'syz.4.2682': attribute type 10 has an invalid length. [ 392.443330][T13676] netlink: 'syz.0.2686': attribute type 29 has an invalid length. [ 392.466065][T13676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2686'. [ 392.523824][T13681] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2688'. [ 393.097279][T13712] tipc: Enabling of bearer rejected, already enabled [ 393.913990][T13715] syz.1.2696 (13715) used greatest stack depth: 17992 bytes left [ 393.976687][T13723] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 394.002072][T13723] CPU: 1 UID: 0 PID: 13723 Comm: syz.0.2701 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 394.002109][T13723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 394.002123][T13723] Call Trace: [ 394.002133][T13723] [ 394.002143][T13723] dump_stack_lvl+0x189/0x250 [ 394.002189][T13723] ? __pfx_dump_stack_lvl+0x10/0x10 [ 394.002223][T13723] ? __pfx__printk+0x10/0x10 [ 394.002247][T13723] ? kernfs_path_from_node+0x2c/0x260 [ 394.002273][T13723] ? kernfs_path_from_node+0x2c/0x260 [ 394.002297][T13723] ? kernfs_path_from_node+0x2c/0x260 [ 394.002324][T13723] ? kernfs_path_from_node+0x22c/0x260 [ 394.002348][T13723] ? kernfs_path_from_node+0x2c/0x260 [ 394.002376][T13723] sysfs_warn_dup+0x8e/0xa0 [ 394.002401][T13723] sysfs_do_create_link_sd+0xc0/0x110 [ 394.002430][T13723] device_add_class_symlinks+0x1cf/0x240 [ 394.002460][T13723] device_add+0x475/0xb50 [ 394.002485][T13723] wiphy_register+0x199a/0x26b0 [ 394.002534][T13723] ? __pfx_wiphy_register+0x10/0x10 [ 394.002559][T13723] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 394.002597][T13723] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 394.002640][T13723] ieee80211_register_hw+0x33e1/0x4120 [ 394.002692][T13723] ? ieee80211_register_hw+0x13f1/0x4120 [ 394.002734][T13723] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 394.002771][T13723] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 394.002814][T13723] ? __hrtimer_setup+0x187/0x210 [ 394.002845][T13723] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 394.002878][T13723] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 394.002941][T13723] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 394.002965][T13723] ? trace_kmalloc+0x1f/0xd0 [ 394.002983][T13723] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 394.003004][T13723] ? kstrndup+0xbf/0x160 [ 394.003043][T13723] hwsim_new_radio_nl+0xea4/0x1b10 [ 394.003072][T13723] ? __pfx___nla_validate_parse+0x10/0x10 [ 394.003126][T13723] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 394.003156][T13723] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 394.003187][T13723] ? __nla_parse+0x40/0x60 [ 394.003223][T13723] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 394.003255][T13723] genl_family_rcv_msg_doit+0x212/0x300 [ 394.003286][T13723] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 394.003360][T13723] ? bpf_lsm_capable+0x9/0x20 [ 394.003381][T13723] ? security_capable+0x7e/0x2e0 [ 394.003417][T13723] genl_rcv_msg+0x60e/0x790 [ 394.003458][T13723] ? __pfx_genl_rcv_msg+0x10/0x10 [ 394.003491][T13723] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 394.003535][T13723] netlink_rcv_skb+0x205/0x470 [ 394.003563][T13723] ? __pfx_genl_rcv_msg+0x10/0x10 [ 394.003598][T13723] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 394.003654][T13723] ? down_read+0x1ad/0x2e0 [ 394.003682][T13723] genl_rcv+0x28/0x40 [ 394.003712][T13723] netlink_unicast+0x758/0x8d0 [ 394.003751][T13723] netlink_sendmsg+0x805/0xb30 [ 394.003791][T13723] ? __pfx_netlink_sendmsg+0x10/0x10 [ 394.003823][T13723] ? aa_sock_msg_perm+0x94/0x160 [ 394.003853][T13723] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 394.003881][T13723] ? __pfx_netlink_sendmsg+0x10/0x10 [ 394.003909][T13723] __sock_sendmsg+0x21c/0x270 [ 394.003938][T13723] ____sys_sendmsg+0x505/0x830 [ 394.003976][T13723] ? __pfx_____sys_sendmsg+0x10/0x10 [ 394.004020][T13723] ? import_iovec+0x74/0xa0 [ 394.004046][T13723] ___sys_sendmsg+0x21f/0x2a0 [ 394.004081][T13723] ? __pfx____sys_sendmsg+0x10/0x10 [ 394.004159][T13723] ? __fget_files+0x2a/0x420 [ 394.004181][T13723] ? __fget_files+0x3a0/0x420 [ 394.004218][T13723] __x64_sys_sendmsg+0x19b/0x260 [ 394.004253][T13723] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 394.004299][T13723] ? rcu_is_watching+0x15/0xb0 [ 394.004338][T13723] ? do_syscall_64+0xbe/0x3b0 [ 394.004366][T13723] do_syscall_64+0xfa/0x3b0 [ 394.004387][T13723] ? lockdep_hardirqs_on+0x9c/0x150 [ 394.004407][T13723] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.004429][T13723] ? clear_bhb_loop+0x60/0xb0 [ 394.004456][T13723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.004477][T13723] RIP: 0033:0x7f686c98e929 [ 394.004496][T13723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.004514][T13723] RSP: 002b:00007f686d8c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 394.004536][T13723] RAX: ffffffffffffffda RBX: 00007f686cbb5fa0 RCX: 00007f686c98e929 [ 394.004553][T13723] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 394.004567][T13723] RBP: 00007f686ca10b39 R08: 0000000000000000 R09: 0000000000000000 [ 394.004581][T13723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 394.004594][T13723] R13: 0000000000000000 R14: 00007f686cbb5fa0 R15: 00007ffc61867f78 [ 394.004642][T13723] [ 394.535226][T13723] netlink: 'syz.0.2701': attribute type 3 has an invalid length. [ 395.371998][T13760] FAULT_INJECTION: forcing a failure. [ 395.371998][T13760] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 395.397802][T13756] tipc: Enabling of bearer rejected, already enabled [ 395.430704][T13760] CPU: 1 UID: 0 PID: 13760 Comm: syz.3.2713 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 395.430735][T13760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 395.430748][T13760] Call Trace: [ 395.430757][T13760] [ 395.430768][T13760] dump_stack_lvl+0x189/0x250 [ 395.430804][T13760] ? __pfx____ratelimit+0x10/0x10 [ 395.430824][T13760] ? __pfx_dump_stack_lvl+0x10/0x10 [ 395.430855][T13760] ? __pfx__printk+0x10/0x10 [ 395.430876][T13760] ? __might_fault+0xb0/0x130 [ 395.430906][T13760] should_fail_ex+0x414/0x560 [ 395.430937][T13760] _copy_from_user+0x2d/0xb0 [ 395.430957][T13760] __sys_connect+0x123/0x440 [ 395.430982][T13760] ? __fget_files+0x3a0/0x420 [ 395.431005][T13760] ? __pfx___sys_connect+0x10/0x10 [ 395.431042][T13760] ? __pfx_ksys_write+0x10/0x10 [ 395.431057][T13760] ? rcu_is_watching+0x15/0xb0 [ 395.431096][T13760] __x64_sys_connect+0x7a/0x90 [ 395.431123][T13760] do_syscall_64+0xfa/0x3b0 [ 395.431143][T13760] ? lockdep_hardirqs_on+0x9c/0x150 [ 395.431160][T13760] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.431179][T13760] ? clear_bhb_loop+0x60/0xb0 [ 395.431205][T13760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.431223][T13760] RIP: 0033:0x7f7b3558e929 [ 395.431241][T13760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.431258][T13760] RSP: 002b:00007f7b363ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 395.431280][T13760] RAX: ffffffffffffffda RBX: 00007f7b357b5fa0 RCX: 00007f7b3558e929 [ 395.431294][T13760] RDX: 000000000000001c RSI: 0000200000000100 RDI: 0000000000000004 [ 395.431306][T13760] RBP: 00007f7b363ac090 R08: 0000000000000000 R09: 0000000000000000 [ 395.431318][T13760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.431330][T13760] R13: 0000000000000000 R14: 00007f7b357b5fa0 R15: 00007ffd9a6e7d48 [ 395.431360][T13760] [ 396.159779][T13763] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 396.191696][T13770] netlink: 'syz.2.2718': attribute type 29 has an invalid length. [ 396.211938][T13770] netlink: 'syz.2.2718': attribute type 29 has an invalid length. [ 396.703752][T13796] __nla_validate_parse: 13 callbacks suppressed [ 396.703774][T13796] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2727'. [ 396.858236][T13805] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2730'. [ 397.094084][T13801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2730'. [ 397.143724][T13801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2730'. [ 397.187213][T13802] tipc: Enabling of bearer rejected, already enabled [ 398.106865][T13833] netlink: 596 bytes leftover after parsing attributes in process `syz.3.2738'. [ 398.258719][T13838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2741'. [ 398.373045][T13842] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 398.412515][T13842] CPU: 1 UID: 0 PID: 13842 Comm: syz.2.2739 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 398.412547][T13842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 398.412562][T13842] Call Trace: [ 398.412572][T13842] [ 398.412582][T13842] dump_stack_lvl+0x189/0x250 [ 398.412626][T13842] ? __pfx_dump_stack_lvl+0x10/0x10 [ 398.412661][T13842] ? __pfx__printk+0x10/0x10 [ 398.412687][T13842] ? kernfs_path_from_node+0x2c/0x260 [ 398.412713][T13842] ? kernfs_path_from_node+0x2c/0x260 [ 398.412738][T13842] ? kernfs_path_from_node+0x2c/0x260 [ 398.412766][T13842] ? kernfs_path_from_node+0x22c/0x260 [ 398.412789][T13842] ? kernfs_path_from_node+0x2c/0x260 [ 398.412820][T13842] sysfs_warn_dup+0x8e/0xa0 [ 398.412846][T13842] sysfs_do_create_link_sd+0xc0/0x110 [ 398.412875][T13842] device_add_class_symlinks+0x1cf/0x240 [ 398.412906][T13842] device_add+0x475/0xb50 [ 398.412936][T13842] wiphy_register+0x199a/0x26b0 [ 398.412985][T13842] ? __pfx_wiphy_register+0x10/0x10 [ 398.413011][T13842] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 398.413049][T13842] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 398.413085][T13842] ieee80211_register_hw+0x33e1/0x4120 [ 398.413146][T13842] ? ieee80211_register_hw+0x13f1/0x4120 [ 398.413189][T13842] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 398.413227][T13842] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 398.413272][T13842] ? __hrtimer_setup+0x187/0x210 [ 398.413308][T13842] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 398.413342][T13842] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 398.413405][T13842] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 398.413431][T13842] ? trace_kmalloc+0x1f/0xd0 [ 398.413448][T13842] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 398.413471][T13842] ? kstrndup+0xbf/0x160 [ 398.413510][T13842] hwsim_new_radio_nl+0xea4/0x1b10 [ 398.413540][T13842] ? __pfx___nla_validate_parse+0x10/0x10 [ 398.413590][T13842] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 398.413632][T13842] ? __nla_parse+0x40/0x60 [ 398.413668][T13842] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 398.413701][T13842] genl_family_rcv_msg_doit+0x212/0x300 [ 398.413731][T13842] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 398.413782][T13842] ? bpf_lsm_capable+0x9/0x20 [ 398.413801][T13842] ? security_capable+0x7e/0x2e0 [ 398.413838][T13842] genl_rcv_msg+0x60e/0x790 [ 398.413882][T13842] ? __pfx_genl_rcv_msg+0x10/0x10 [ 398.413915][T13842] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 398.413959][T13842] netlink_rcv_skb+0x205/0x470 [ 398.413989][T13842] ? __pfx_genl_rcv_msg+0x10/0x10 [ 398.414024][T13842] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 398.414074][T13842] ? down_read+0x1ad/0x2e0 [ 398.414103][T13842] genl_rcv+0x28/0x40 [ 398.414141][T13842] netlink_unicast+0x758/0x8d0 [ 398.414181][T13842] netlink_sendmsg+0x805/0xb30 [ 398.414222][T13842] ? __pfx_netlink_sendmsg+0x10/0x10 [ 398.414256][T13842] ? aa_sock_msg_perm+0x94/0x160 [ 398.414288][T13842] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 398.414316][T13842] ? __pfx_netlink_sendmsg+0x10/0x10 [ 398.414346][T13842] __sock_sendmsg+0x21c/0x270 [ 398.414375][T13842] ____sys_sendmsg+0x505/0x830 [ 398.414415][T13842] ? __pfx_____sys_sendmsg+0x10/0x10 [ 398.414460][T13842] ? import_iovec+0x74/0xa0 [ 398.414486][T13842] ___sys_sendmsg+0x21f/0x2a0 [ 398.414522][T13842] ? __pfx____sys_sendmsg+0x10/0x10 [ 398.414602][T13842] ? __fget_files+0x2a/0x420 [ 398.414626][T13842] ? __fget_files+0x3a0/0x420 [ 398.414664][T13842] __x64_sys_sendmsg+0x19b/0x260 [ 398.414701][T13842] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 398.414747][T13842] ? rcu_is_watching+0x15/0xb0 [ 398.414787][T13842] ? do_syscall_64+0xbe/0x3b0 [ 398.414817][T13842] do_syscall_64+0xfa/0x3b0 [ 398.414838][T13842] ? lockdep_hardirqs_on+0x9c/0x150 [ 398.414865][T13842] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.414888][T13842] ? clear_bhb_loop+0x60/0xb0 [ 398.414916][T13842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.414937][T13842] RIP: 0033:0x7fb413b8e929 [ 398.414958][T13842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.414976][T13842] RSP: 002b:00007fb414ab4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 398.415000][T13842] RAX: ffffffffffffffda RBX: 00007fb413db6080 RCX: 00007fb413b8e929 [ 398.415017][T13842] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 398.415031][T13842] RBP: 00007fb413c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 398.415045][T13842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.415059][T13842] R13: 0000000000000000 R14: 00007fb413db6080 R15: 00007ffde3adb618 [ 398.415095][T13842] [ 398.937969][T13839] netlink: 'syz.2.2739': attribute type 3 has an invalid length. [ 399.626953][T13876] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2751'. [ 399.723989][T13883] IPVS: set_ctl: invalid protocol: 50 255.255.255.255:0 [ 400.026808][T13907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2762'. [ 400.041013][T13902] : renamed from bond_slave_0 (while UP) [ 401.099017][T13957] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2781'. [ 401.108159][T13957] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2781'. [ 401.492629][T13964] netlink: 'syz.0.2784': attribute type 3 has an invalid length. [ 402.630220][T13957] geneve2: entered allmulticast mode [ 402.812797][T13981] IPv6: syztnl1: Disabled Multicast RS [ 403.063097][T13999] __nla_validate_parse: 1 callbacks suppressed [ 403.063119][T13999] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2797'. [ 403.214455][T13990] tipc: Enabled bearer , priority 0 [ 403.515693][T13990] tipc: Resetting bearer [ 404.030367][T14030] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2802'. [ 405.157608][T13990] tipc: Disabling bearer [ 405.356351][T14027] vlan0: left promiscuous mode [ 405.415105][T14027] mac80211_hwsim hwsim4 wlan0: left allmulticast mode [ 405.422339][T14027] macsec1: left promiscuous mode [ 405.429585][T14027] macsec1: left allmulticast mode [ 405.451948][T14027] geneve2: left allmulticast mode [ 405.459757][T14028] tipc: Enabled bearer , priority 0 [ 405.531752][T14021] tipc: Resetting bearer [ 405.554545][T14025] tipc: Resetting bearer [ 405.577683][T14036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2807'. [ 405.597167][T14036] netlink: 312 bytes leftover after parsing attributes in process `syz.2.2807'. [ 405.606291][T14036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2807'. [ 406.752130][T14053] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2813'. [ 407.756910][T14025] tipc: Disabling bearer [ 407.767809][ T1146] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 407.779916][ T1146] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.790271][ T1146] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 407.800490][ T1146] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.814616][T14039] tipc: Enabling of bearer rejected, already enabled [ 407.902118][ T1146] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 407.927118][ T1146] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.957174][T14060] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 407.974317][T14060] CPU: 1 UID: 0 PID: 14060 Comm: syz.2.2815 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 407.974351][T14060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 407.974367][T14060] Call Trace: [ 407.974377][T14060] [ 407.974387][T14060] dump_stack_lvl+0x189/0x250 [ 407.974431][T14060] ? __pfx_dump_stack_lvl+0x10/0x10 [ 407.974466][T14060] ? __pfx__printk+0x10/0x10 [ 407.974492][T14060] ? kernfs_path_from_node+0x2c/0x260 [ 407.974519][T14060] ? kernfs_path_from_node+0x2c/0x260 [ 407.974543][T14060] ? kernfs_path_from_node+0x2c/0x260 [ 407.974571][T14060] ? kernfs_path_from_node+0x22c/0x260 [ 407.974594][T14060] ? kernfs_path_from_node+0x2c/0x260 [ 407.974624][T14060] sysfs_warn_dup+0x8e/0xa0 [ 407.974651][T14060] sysfs_do_create_link_sd+0xc0/0x110 [ 407.974680][T14060] device_add_class_symlinks+0x1cf/0x240 [ 407.974710][T14060] device_add+0x475/0xb50 [ 407.974739][T14060] wiphy_register+0x199a/0x26b0 [ 407.974788][T14060] ? __pfx_wiphy_register+0x10/0x10 [ 407.974813][T14060] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 407.974851][T14060] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 407.974896][T14060] ieee80211_register_hw+0x33e1/0x4120 [ 407.974949][T14060] ? ieee80211_register_hw+0x13f1/0x4120 [ 407.974991][T14060] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 407.975029][T14060] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 407.975072][T14060] ? __hrtimer_setup+0x187/0x210 [ 407.975103][T14060] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 407.975137][T14060] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 407.975199][T14060] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 407.975224][T14060] ? trace_kmalloc+0x1f/0xd0 [ 407.975241][T14060] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 407.975264][T14060] ? kstrndup+0xbf/0x160 [ 407.975303][T14060] hwsim_new_radio_nl+0xea4/0x1b10 [ 407.975333][T14060] ? __pfx___nla_validate_parse+0x10/0x10 [ 407.975383][T14060] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 407.975426][T14060] ? __nla_parse+0x40/0x60 [ 407.975462][T14060] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 407.975494][T14060] genl_family_rcv_msg_doit+0x212/0x300 [ 407.975524][T14060] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 407.975575][T14060] ? bpf_lsm_capable+0x9/0x20 [ 407.975594][T14060] ? security_capable+0x7e/0x2e0 [ 407.975630][T14060] genl_rcv_msg+0x60e/0x790 [ 407.975672][T14060] ? __pfx_genl_rcv_msg+0x10/0x10 [ 407.975705][T14060] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 407.975750][T14060] netlink_rcv_skb+0x205/0x470 [ 407.975779][T14060] ? __pfx_genl_rcv_msg+0x10/0x10 [ 407.975816][T14060] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 407.975864][T14060] ? down_read+0x1ad/0x2e0 [ 407.975905][T14060] genl_rcv+0x28/0x40 [ 407.975937][T14060] netlink_unicast+0x758/0x8d0 [ 407.975976][T14060] netlink_sendmsg+0x805/0xb30 [ 407.976017][T14060] ? __pfx_netlink_sendmsg+0x10/0x10 [ 407.976049][T14060] ? aa_sock_msg_perm+0x94/0x160 [ 407.976081][T14060] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 407.976107][T14060] ? __pfx_netlink_sendmsg+0x10/0x10 [ 407.976136][T14060] __sock_sendmsg+0x21c/0x270 [ 407.976164][T14060] ____sys_sendmsg+0x505/0x830 [ 407.976203][T14060] ? __pfx_____sys_sendmsg+0x10/0x10 [ 407.976247][T14060] ? import_iovec+0x74/0xa0 [ 407.976274][T14060] ___sys_sendmsg+0x21f/0x2a0 [ 407.976308][T14060] ? __pfx____sys_sendmsg+0x10/0x10 [ 407.976389][T14060] ? __fget_files+0x2a/0x420 [ 407.976411][T14060] ? __fget_files+0x3a0/0x420 [ 407.976450][T14060] __x64_sys_sendmsg+0x19b/0x260 [ 407.976486][T14060] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 407.976531][T14060] ? rcu_is_watching+0x15/0xb0 [ 407.976571][T14060] ? do_syscall_64+0xbe/0x3b0 [ 407.976599][T14060] do_syscall_64+0xfa/0x3b0 [ 407.976619][T14060] ? lockdep_hardirqs_on+0x9c/0x150 [ 407.976640][T14060] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.976662][T14060] ? clear_bhb_loop+0x60/0xb0 [ 407.976689][T14060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.976710][T14060] RIP: 0033:0x7fb413b8e929 [ 407.976729][T14060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.976748][T14060] RSP: 002b:00007fb414ad5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 407.976771][T14060] RAX: ffffffffffffffda RBX: 00007fb413db5fa0 RCX: 00007fb413b8e929 [ 407.976787][T14060] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 407.976800][T14060] RBP: 00007fb413c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 407.976814][T14060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 407.976827][T14060] R13: 0000000000000000 R14: 00007fb413db5fa0 R15: 00007ffde3adb618 [ 407.976863][T14060] [ 408.485734][ T1146] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 408.494940][ T1146] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.519427][T14069] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 408.569670][T14069] CPU: 0 UID: 0 PID: 14069 Comm: syz.3.2816 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 408.569707][T14069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 408.569722][T14069] Call Trace: [ 408.569733][T14069] [ 408.569744][T14069] dump_stack_lvl+0x189/0x250 [ 408.569788][T14069] ? __pfx_dump_stack_lvl+0x10/0x10 [ 408.569822][T14069] ? __pfx__printk+0x10/0x10 [ 408.569847][T14069] ? kernfs_path_from_node+0x2c/0x260 [ 408.569873][T14069] ? kernfs_path_from_node+0x2c/0x260 [ 408.569897][T14069] ? kernfs_path_from_node+0x2c/0x260 [ 408.569926][T14069] ? kernfs_path_from_node+0x22c/0x260 [ 408.569951][T14069] ? kernfs_path_from_node+0x2c/0x260 [ 408.569981][T14069] sysfs_warn_dup+0x8e/0xa0 [ 408.570006][T14069] sysfs_do_create_link_sd+0xc0/0x110 [ 408.570033][T14069] device_add_class_symlinks+0x1cf/0x240 [ 408.570064][T14069] device_add+0x475/0xb50 [ 408.570093][T14069] wiphy_register+0x199a/0x26b0 [ 408.570148][T14069] ? __pfx_wiphy_register+0x10/0x10 [ 408.570174][T14069] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 408.570213][T14069] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 408.570249][T14069] ieee80211_register_hw+0x33e1/0x4120 [ 408.570301][T14069] ? ieee80211_register_hw+0x13f1/0x4120 [ 408.570343][T14069] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 408.570380][T14069] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 408.570423][T14069] ? __hrtimer_setup+0x187/0x210 [ 408.570456][T14069] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 408.570491][T14069] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 408.570551][T14069] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 408.570576][T14069] ? trace_kmalloc+0x1f/0xd0 [ 408.570599][T14069] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 408.570621][T14069] ? kstrndup+0xbf/0x160 [ 408.570659][T14069] hwsim_new_radio_nl+0xea4/0x1b10 [ 408.570690][T14069] ? __pfx___nla_validate_parse+0x10/0x10 [ 408.570739][T14069] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 408.570781][T14069] ? __nla_parse+0x40/0x60 [ 408.570816][T14069] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 408.570848][T14069] genl_family_rcv_msg_doit+0x212/0x300 [ 408.570879][T14069] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 408.570931][T14069] ? bpf_lsm_capable+0x9/0x20 [ 408.570950][T14069] ? security_capable+0x7e/0x2e0 [ 408.570986][T14069] genl_rcv_msg+0x60e/0x790 [ 408.571028][T14069] ? __pfx_genl_rcv_msg+0x10/0x10 [ 408.571060][T14069] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 408.571103][T14069] netlink_rcv_skb+0x205/0x470 [ 408.571140][T14069] ? __pfx_genl_rcv_msg+0x10/0x10 [ 408.571176][T14069] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 408.571225][T14069] ? down_read+0x1ad/0x2e0 [ 408.571253][T14069] genl_rcv+0x28/0x40 [ 408.571284][T14069] netlink_unicast+0x758/0x8d0 [ 408.571323][T14069] netlink_sendmsg+0x805/0xb30 [ 408.571363][T14069] ? __pfx_netlink_sendmsg+0x10/0x10 [ 408.571396][T14069] ? aa_sock_msg_perm+0x94/0x160 [ 408.571428][T14069] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 408.571455][T14069] ? __pfx_netlink_sendmsg+0x10/0x10 [ 408.571484][T14069] __sock_sendmsg+0x21c/0x270 [ 408.571513][T14069] ____sys_sendmsg+0x505/0x830 [ 408.571552][T14069] ? __pfx_____sys_sendmsg+0x10/0x10 [ 408.571615][T14069] ? import_iovec+0x74/0xa0 [ 408.571643][T14069] ___sys_sendmsg+0x21f/0x2a0 [ 408.571679][T14069] ? __pfx____sys_sendmsg+0x10/0x10 [ 408.571755][T14069] ? __fget_files+0x2a/0x420 [ 408.571779][T14069] ? __fget_files+0x3a0/0x420 [ 408.571816][T14069] __x64_sys_sendmsg+0x19b/0x260 [ 408.571853][T14069] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 408.571898][T14069] ? rcu_is_watching+0x15/0xb0 [ 408.571938][T14069] ? do_syscall_64+0xbe/0x3b0 [ 408.571966][T14069] do_syscall_64+0xfa/0x3b0 [ 408.571987][T14069] ? lockdep_hardirqs_on+0x9c/0x150 [ 408.572008][T14069] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.572030][T14069] ? clear_bhb_loop+0x60/0xb0 [ 408.572057][T14069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.572078][T14069] RIP: 0033:0x7f7b3558e929 [ 408.572098][T14069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.572123][T14069] RSP: 002b:00007f7b363ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 408.572145][T14069] RAX: ffffffffffffffda RBX: 00007f7b357b5fa0 RCX: 00007f7b3558e929 [ 408.572161][T14069] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004 [ 408.572175][T14069] RBP: 00007f7b35610b39 R08: 0000000000000000 R09: 0000000000000000 [ 408.572189][T14069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 408.572201][T14069] R13: 0000000000000000 R14: 00007f7b357b5fa0 R15: 00007ffd9a6e7d48 [ 408.572236][T14069] [ 409.131882][T14083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2821'. [ 409.206791][T14083] netlink: 312 bytes leftover after parsing attributes in process `syz.1.2821'. [ 409.241450][T14083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2821'. [ 409.347367][T14089] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2824'. [ 409.680787][T14098] tipc: Enabling of bearer rejected, already enabled [ 410.869038][T14133] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2838'. [ 410.943767][T14136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2838'. [ 412.330209][T14107] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2832'. [ 412.456341][T14132] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2836'. [ 412.479253][T14132] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2836'. [ 412.519481][T14146] IPVS: length: 250 != 8 [ 412.662819][T14151] tipc: Enabling of bearer rejected, already enabled [ 413.890116][T14178] tipc: Enabled bearer , priority 0 [ 414.022136][T14172] tipc: Resetting bearer [ 414.308856][T14192] IPVS: set_ctl: invalid protocol: 255 255.255.255.255:20000 [ 414.437790][T14197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2857'. [ 414.690507][T14206] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2857'. [ 415.838278][T14172] tipc: Disabling bearer [ 416.082777][T14209] tipc: Enabling of bearer rejected, already enabled [ 416.845907][T14214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2860'. [ 417.563505][T14256] tipc: Enabled bearer , priority 0 [ 417.622817][T14260] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2872'. [ 417.652708][T14243] tipc: Resetting bearer [ 418.523120][T14270] FAULT_INJECTION: forcing a failure. [ 418.523120][T14270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 418.536350][T14270] CPU: 0 UID: 0 PID: 14270 Comm: syz.2.2874 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 418.536387][T14270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 418.536400][T14270] Call Trace: [ 418.536410][T14270] [ 418.536420][T14270] dump_stack_lvl+0x189/0x250 [ 418.536457][T14270] ? __pfx____ratelimit+0x10/0x10 [ 418.536478][T14270] ? __pfx_dump_stack_lvl+0x10/0x10 [ 418.536509][T14270] ? __pfx__printk+0x10/0x10 [ 418.536532][T14270] ? __might_fault+0xb0/0x130 [ 418.536564][T14270] should_fail_ex+0x414/0x560 [ 418.536595][T14270] _copy_from_iter+0x1db/0x16f0 [ 418.536630][T14270] ? rcu_is_watching+0x15/0xb0 [ 418.536664][T14270] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 418.536686][T14270] ? __pfx__copy_from_iter+0x10/0x10 [ 418.536715][T14270] ? __build_skb_around+0x257/0x3e0 [ 418.536743][T14270] ? netlink_sendmsg+0x642/0xb30 [ 418.536766][T14270] ? skb_put+0x11b/0x210 [ 418.536871][T14270] netlink_sendmsg+0x6b2/0xb30 [ 418.536908][T14270] ? __pfx_netlink_sendmsg+0x10/0x10 [ 418.536938][T14270] ? aa_sock_msg_perm+0x94/0x160 [ 418.536967][T14270] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 418.536994][T14270] ? __pfx_netlink_sendmsg+0x10/0x10 [ 418.537022][T14270] __sock_sendmsg+0x21c/0x270 [ 418.537110][T14270] ____sys_sendmsg+0x505/0x830 [ 418.537162][T14270] ? __pfx_____sys_sendmsg+0x10/0x10 [ 418.537204][T14270] ? import_iovec+0x74/0xa0 [ 418.537229][T14270] ___sys_sendmsg+0x21f/0x2a0 [ 418.537262][T14270] ? __pfx____sys_sendmsg+0x10/0x10 [ 418.537333][T14270] ? __fget_files+0x2a/0x420 [ 418.537355][T14270] ? __fget_files+0x3a0/0x420 [ 418.537390][T14270] __x64_sys_sendmsg+0x19b/0x260 [ 418.537422][T14270] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 418.537458][T14270] ? __pfx_ksys_write+0x10/0x10 [ 418.537481][T14270] ? do_syscall_64+0xbe/0x3b0 [ 418.537506][T14270] do_syscall_64+0xfa/0x3b0 [ 418.537524][T14270] ? lockdep_hardirqs_on+0x9c/0x150 [ 418.537542][T14270] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.537561][T14270] ? clear_bhb_loop+0x60/0xb0 [ 418.537593][T14270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.537611][T14270] RIP: 0033:0x7fb413b8e929 [ 418.537629][T14270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.537644][T14270] RSP: 002b:00007fb414ab4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 418.537664][T14270] RAX: ffffffffffffffda RBX: 00007fb413db6080 RCX: 00007fb413b8e929 [ 418.537678][T14270] RDX: 0000000000000080 RSI: 0000200000000180 RDI: 0000000000000003 [ 418.537690][T14270] RBP: 00007fb414ab4090 R08: 0000000000000000 R09: 0000000000000000 [ 418.537701][T14270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 418.537712][T14270] R13: 0000000000000001 R14: 00007fb413db6080 R15: 00007ffde3adb618 [ 418.537742][T14270] [ 420.008312][T14243] tipc: Disabling bearer [ 420.019988][T14264] tipc: Enabling of bearer rejected, already enabled [ 420.054908][T14269] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!' [ 420.080442][T14269] CPU: 1 UID: 0 PID: 14269 Comm: syz.1.2873 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 420.080476][T14269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 420.080489][T14269] Call Trace: [ 420.080499][T14269] [ 420.080509][T14269] dump_stack_lvl+0x189/0x250 [ 420.080553][T14269] ? __pfx_dump_stack_lvl+0x10/0x10 [ 420.080588][T14269] ? __pfx__printk+0x10/0x10 [ 420.080636][T14269] ? kernfs_path_from_node+0x2c/0x260 [ 420.080664][T14269] ? kernfs_path_from_node+0x2c/0x260 [ 420.080688][T14269] ? kernfs_path_from_node+0x2c/0x260 [ 420.080715][T14269] ? kernfs_path_from_node+0x22c/0x260 [ 420.080738][T14269] ? kernfs_path_from_node+0x2c/0x260 [ 420.080767][T14269] sysfs_warn_dup+0x8e/0xa0 [ 420.080792][T14269] sysfs_do_create_link_sd+0xc0/0x110 [ 420.080820][T14269] device_add_class_symlinks+0x1cf/0x240 [ 420.080851][T14269] device_add+0x475/0xb50 [ 420.080881][T14269] wiphy_register+0x199a/0x26b0 [ 420.080935][T14269] ? __pfx_wiphy_register+0x10/0x10 [ 420.080961][T14269] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 420.081000][T14269] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 420.081035][T14269] ieee80211_register_hw+0x33e1/0x4120 [ 420.081096][T14269] ? ieee80211_register_hw+0x13f1/0x4120 [ 420.081139][T14269] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 420.081177][T14269] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 420.081219][T14269] ? __hrtimer_setup+0x187/0x210 [ 420.081251][T14269] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 420.081285][T14269] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 420.081348][T14269] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 420.081373][T14269] ? trace_kmalloc+0x1f/0xd0 [ 420.081390][T14269] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 420.081421][T14269] ? kstrndup+0xbf/0x160 [ 420.081460][T14269] hwsim_new_radio_nl+0xea4/0x1b10 [ 420.081490][T14269] ? __pfx___nla_validate_parse+0x10/0x10 [ 420.081541][T14269] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 420.081584][T14269] ? __nla_parse+0x40/0x60 [ 420.081620][T14269] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 420.081652][T14269] genl_family_rcv_msg_doit+0x212/0x300 [ 420.081683][T14269] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 420.081734][T14269] ? bpf_lsm_capable+0x9/0x20 [ 420.081753][T14269] ? security_capable+0x7e/0x2e0 [ 420.081789][T14269] genl_rcv_msg+0x60e/0x790 [ 420.081832][T14269] ? __pfx_genl_rcv_msg+0x10/0x10 [ 420.081865][T14269] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 420.081917][T14269] netlink_rcv_skb+0x205/0x470 [ 420.081947][T14269] ? __pfx_genl_rcv_msg+0x10/0x10 [ 420.081982][T14269] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 420.082031][T14269] ? down_read+0x1ad/0x2e0 [ 420.082059][T14269] genl_rcv+0x28/0x40 [ 420.082090][T14269] netlink_unicast+0x758/0x8d0 [ 420.082128][T14269] netlink_sendmsg+0x805/0xb30 [ 420.082168][T14269] ? __pfx_netlink_sendmsg+0x10/0x10 [ 420.082201][T14269] ? aa_sock_msg_perm+0x94/0x160 [ 420.082232][T14269] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 420.082259][T14269] ? __pfx_netlink_sendmsg+0x10/0x10 [ 420.082288][T14269] __sock_sendmsg+0x21c/0x270 [ 420.082318][T14269] ____sys_sendmsg+0x505/0x830 [ 420.082357][T14269] ? __pfx_____sys_sendmsg+0x10/0x10 [ 420.082402][T14269] ? import_iovec+0x74/0xa0 [ 420.082429][T14269] ___sys_sendmsg+0x21f/0x2a0 [ 420.082464][T14269] ? __pfx____sys_sendmsg+0x10/0x10 [ 420.082540][T14269] ? __fget_files+0x2a/0x420 [ 420.082564][T14269] ? __fget_files+0x3a0/0x420 [ 420.082601][T14269] __x64_sys_sendmsg+0x19b/0x260 [ 420.082637][T14269] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 420.082683][T14269] ? rcu_is_watching+0x15/0xb0 [ 420.082721][T14269] ? do_syscall_64+0xbe/0x3b0 [ 420.082749][T14269] do_syscall_64+0xfa/0x3b0 [ 420.082770][T14269] ? lockdep_hardirqs_on+0x9c/0x150 [ 420.082791][T14269] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.082811][T14269] ? clear_bhb_loop+0x60/0xb0 [ 420.082839][T14269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.082860][T14269] RIP: 0033:0x7febf618e929 [ 420.082881][T14269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.082910][T14269] RSP: 002b:00007febf6f12038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 420.082933][T14269] RAX: ffffffffffffffda RBX: 00007febf63b5fa0 RCX: 00007febf618e929 [ 420.082950][T14269] RDX: 0000000000000314 RSI: 0000200000000040 RDI: 0000000000000004 [ 420.082965][T14269] RBP: 00007febf6210b39 R08: 0000000000000000 R09: 0000000000000000 [ 420.082978][T14269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.082991][T14269] R13: 0000000000000000 R14: 00007febf63b5fa0 R15: 00007ffcdb981a98 [ 420.083025][T14269] [ 420.739709][T14279] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2878'. [ 420.812366][T14288] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2878'. [ 420.846024][T14286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2880'. [ 420.877935][T14292] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2882'. [ 420.887151][T14292] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2882'. [ 420.896266][T14286] netlink: 312 bytes leftover after parsing attributes in process `syz.3.2880'. [ 420.908859][T14286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2880'. [ 421.090697][T14295] netlink: 'syz.0.2883': attribute type 10 has an invalid length. [ 421.220050][T14300] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2886'. [ 421.281733][T14300] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2886'. [ 421.324613][T14300] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2886'. [ 421.554272][ T5839] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 421.596773][ T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 421.605319][ T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 421.619595][ T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 421.630958][ T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 422.411898][T14353] netlink: 'syz.4.2906': attribute type 10 has an invalid length. [ 422.424526][T14347] gretap1: entered promiscuous mode [ 422.438644][T14347] gretap1: entered allmulticast mode [ 422.562141][T14353] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 422.805586][T14314] chnl_net:caif_netlink_parms(): no params data found [ 423.160459][T14376] bond0: entered promiscuous mode [ 423.165572][T14376] bond0: entered allmulticast mode [ 423.260705][ T1109] batman_adv: batadv0: Removing interface: netdevsim0 [ 423.374708][T14392] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 423.404253][T14392] gretap1: entered promiscuous mode [ 423.413831][T14392] gretap1: entered allmulticast mode [ 423.509746][T14314] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.532371][T14314] bridge0: port 1(bridge_slave_0) entered disabled state [ 423.556093][T14314] bridge_slave_0: entered allmulticast mode [ 423.584357][T14314] bridge_slave_0: entered promiscuous mode [ 423.654187][T14314] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.665195][T14314] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.674324][T14314] bridge_slave_1: entered allmulticast mode [ 423.688217][T14314] bridge_slave_1: entered promiscuous mode [ 423.706703][ T51] Bluetooth: hci5: command tx timeout [ 423.960310][T14314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 423.999629][T14314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 424.623268][ T1109] bond0 (unregistering): Released all slaves [ 424.736813][T14314] team0: Port device team_slave_0 added [ 424.751612][T14314] team0: Port device team_slave_1 added [ 424.818084][ T1109] tipc: Disabling bearer [ 424.828310][ T1109] tipc: Left network mode [ 424.967061][T14314] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 424.984899][T14314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.027481][T14314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 425.070159][T14314] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 425.090795][T14314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.183174][T14314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 425.516338][T14314] hsr_slave_0: entered promiscuous mode [ 425.524865][T14314] hsr_slave_1: entered promiscuous mode [ 425.534775][T14314] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 425.554949][T14314] Cannot create hsr debugfs directory [ 425.786836][ T51] Bluetooth: hci5: command tx timeout [ 425.803361][T14460] __nla_validate_parse: 7 callbacks suppressed [ 425.803384][T14460] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2952'. [ 426.139619][ T1109] hsr_slave_0: left promiscuous mode [ 426.155349][ T1109] hsr_slave_1: left promiscuous mode [ 426.295736][T14486] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2963'. [ 426.754476][T14501] netlink: 14568 bytes leftover after parsing attributes in process `syz.0.2970'. [ 427.087643][T14507] netlink: 'syz.3.2971': attribute type 1 has an invalid length. [ 427.113659][T14507] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2971'. [ 427.459685][T14521] netlink: 'syz.4.2979': attribute type 39 has an invalid length. [ 427.866553][ T51] Bluetooth: hci5: command tx timeout [ 428.053606][T14524] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2980'. [ 428.113806][T14534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2984'. [ 428.445273][T14544] syz_tun: entered allmulticast mode [ 428.455665][T14542] syz_tun: left allmulticast mode [ 428.600816][T14553] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2993'. [ 428.798072][T14562] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2997'. [ 428.809939][T14563] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2998'. [ 429.061241][ T1109] IPVS: stop unused estimator thread 0... [ 429.087633][T14575] IPVS: length: 78 != 520133856 [ 429.113868][T14314] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 429.170511][T14314] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 429.228810][T14314] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 429.299397][T14314] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 429.655593][T14314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 429.750824][T14314] 8021q: adding VLAN 0 to HW filter on device team0 [ 429.792608][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.799926][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 429.842412][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 429.849801][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 429.948569][ T51] Bluetooth: hci5: command tx timeout [ 430.138012][T14609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3016'. [ 430.508899][T14314] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 430.581464][T14314] veth0_vlan: entered promiscuous mode [ 430.610130][T14314] veth1_vlan: entered promiscuous mode [ 430.703257][T14314] veth0_macvtap: entered promiscuous mode [ 430.722819][T14314] veth1_macvtap: entered promiscuous mode [ 430.777620][T14314] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 430.797097][T14314] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 430.830631][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 430.851764][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 430.879558][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 430.902076][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 431.071832][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 431.102831][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.183291][ T9913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 431.191764][ T9913] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.650290][T14664] syz_tun: entered allmulticast mode [ 431.692977][T14663] syz_tun: left allmulticast mode [ 431.761795][T14670] __nla_validate_parse: 2 callbacks suppressed [ 431.761817][T14670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3036'. [ 432.188355][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 432.203565][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 432.226686][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 432.248177][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 432.256687][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 432.347327][ T5835] syz_tun (unregistering): left promiscuous mode [ 432.763509][T14679] chnl_net:caif_netlink_parms(): no params data found [ 432.943378][T14702] syz_tun: entered allmulticast mode [ 432.976574][T14700] syz_tun: left allmulticast mode [ 433.027143][T14709] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3049'. [ 433.093439][T14679] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.124179][T14679] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.144190][T14679] bridge_slave_0: entered allmulticast mode [ 433.184360][T14679] bridge_slave_0: entered promiscuous mode [ 433.220666][T14679] bridge0: port 2(bridge_slave_1) entered blocking state [ 433.236632][T14679] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.243940][T14679] bridge_slave_1: entered allmulticast mode [ 433.274230][T14679] bridge_slave_1: entered promiscuous mode [ 433.341414][T14718] syz_tun: entered allmulticast mode [ 433.398741][ C0] ------------[ cut here ]------------ [ 433.404555][ C0] WARNING: CPU: 0 PID: 1146 at net/ipv4/ipmr.c:2302 ip_mr_output+0xbb1/0xe70 [ 433.413444][ C0] Modules linked in: [ 433.417755][ C0] CPU: 0 UID: 0 PID: 1146 Comm: kworker/u8:6 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 433.430007][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 433.440143][ C0] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 433.448076][ C0] RIP: 0010:ip_mr_output+0xbb1/0xe70 [ 433.453444][ C0] Code: df e9 63 f6 ff ff e8 ce 33 c6 f7 48 8b 74 24 18 45 31 f6 31 ff ba 02 00 00 00 e8 9a 09 4c ff e9 45 f6 ff ff e8 b0 33 c6 f7 90 <0f> 0b 90 e9 94 f5 ff ff e8 a2 33 c6 f7 90 0f 0b 90 42 80 3c 2b 00 [ 433.473147][ C0] RSP: 0018:ffffc900000079a0 EFLAGS: 00010246 [ 433.479324][ C0] RAX: ffffffff89fa28a0 RBX: ffff88804edf3640 RCX: ffff888027188000 [ 433.487370][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 433.495482][ C0] RBP: ffffc90000007ab0 R08: ffff888027188000 R09: 0000000000000004 [ 433.503541][ C0] R10: 0000000000000003 R11: ffffffff89fa1cf0 R12: 0000000000000010 [ 433.511680][ C0] R13: dffffc0000000000 R14: ffff88807725a400 R15: 0000000000000000 [ 433.519741][ C0] FS: 0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000 [ 433.528880][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 433.535506][ C0] CR2: 00007fa38437e2d8 CR3: 0000000073234000 CR4: 00000000003526f0 [ 433.543556][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 433.551599][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 433.559654][ C0] Call Trace: [ 433.562975][ C0] [ 433.565852][ C0] ? __pfx_dst_output+0x10/0x10 [ 433.570787][ C0] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 433.576224][ C0] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 433.582372][ C0] ? __pfx_ip_mr_output+0x10/0x10 [ 433.587583][ C0] ? skb_dst+0x4f/0xd0 [ 433.591795][ C0] ? dst_output+0x177/0x1c0 [ 433.596406][ C0] igmp_send_report+0x89e/0xdb0 [ 433.601311][ C0] ? __pfx_igmp_send_report+0x10/0x10 [ 433.606762][ C0] ? igmp_start_timer+0x211/0x2b0 [ 433.612025][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 433.617305][ C0] igmp_timer_expire+0x204/0x510 [ 433.622302][ C0] call_timer_fn+0x17e/0x5f0 [ 433.626969][ C0] ? __pfx_igmp_timer_expire+0x10/0x10 [ 433.632476][ C0] ? call_timer_fn+0xbe/0x5f0 [ 433.637235][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 433.642412][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 433.647707][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 433.653082][ C0] ? __pfx_igmp_timer_expire+0x10/0x10 [ 433.658621][ C0] __run_timer_base+0x61a/0x860 [ 433.663555][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 433.669029][ C0] run_timer_softirq+0xb7/0x180 [ 433.674187][ C0] handle_softirqs+0x286/0x870 [ 433.679036][ C0] ? do_softirq+0xec/0x180 [ 433.683513][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 433.688888][ C0] ? batadv_forw_packet_steal+0x14e/0x170 [ 433.694656][ C0] do_softirq+0xec/0x180 [ 433.698970][ C0] [ 433.701927][ C0] [ 433.704882][ C0] ? __pfx_do_softirq+0x10/0x10 [ 433.709817][ C0] ? lockdep_softirqs_on+0x13b/0x1c0 [ 433.715176][ C0] __local_bh_enable_ip+0x17d/0x1c0 [ 433.720571][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 433.726349][ C0] ? batadv_forw_packet_steal+0x14e/0x170 [ 433.732232][ C0] batadv_forw_packet_steal+0x14e/0x170 [ 433.737859][ C0] batadv_iv_send_outstanding_bat_ogm_packet+0x6db/0x7e0 [ 433.744948][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 433.750763][ C0] process_scheduled_works+0xae1/0x17b0 [ 433.756433][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 433.762488][ C0] worker_thread+0x8a0/0xda0 [ 433.767193][ C0] kthread+0x70e/0x8a0 [ 433.771339][ C0] ? __pfx_worker_thread+0x10/0x10 [ 433.776544][ C0] ? __pfx_kthread+0x10/0x10 [ 433.781237][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 433.786535][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 433.791775][ C0] ? __pfx_kthread+0x10/0x10 [ 433.796455][ C0] ret_from_fork+0x3f9/0x770 [ 433.801099][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 433.806281][ C0] ? __switch_to_asm+0x39/0x70 [ 433.811561][ C0] ? __switch_to_asm+0x33/0x70 [ 433.816408][ C0] ? __pfx_kthread+0x10/0x10 [ 433.821076][ C0] ret_from_fork_asm+0x1a/0x30 [ 433.825898][ C0] [ 433.828998][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 433.836315][ C0] CPU: 0 UID: 0 PID: 1146 Comm: kworker/u8:6 Not tainted 6.16.0-rc2-syzkaller-00591-g4f4040ea5d3e #0 PREEMPT(full) [ 433.848514][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 433.858614][ C0] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 433.866505][ C0] Call Trace: [ 433.869826][ C0] [ 433.872711][ C0] dump_stack_lvl+0x99/0x250 [ 433.877360][ C0] ? __asan_memcpy+0x40/0x70 [ 433.882014][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 433.887262][ C0] ? __pfx__printk+0x10/0x10 [ 433.891900][ C0] panic+0x2db/0x790 [ 433.895844][ C0] ? __pfx_panic+0x10/0x10 [ 433.900308][ C0] ? show_trace_log_lvl+0x4fb/0x550 [ 433.905570][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 433.910560][ C0] __warn+0x31b/0x4b0 [ 433.914604][ C0] ? ip_mr_output+0xbb1/0xe70 [ 433.919341][ C0] ? ip_mr_output+0xbb1/0xe70 [ 433.924067][ C0] report_bug+0x2be/0x4f0 [ 433.928439][ C0] ? ip_mr_output+0xbb1/0xe70 [ 433.933164][ C0] ? ip_mr_output+0xbb1/0xe70 [ 433.937881][ C0] ? ip_mr_output+0xbb3/0xe70 [ 433.942576][ C0] handle_bug+0x84/0x160 [ 433.946835][ C0] exc_invalid_op+0x1a/0x50 [ 433.951361][ C0] asm_exc_invalid_op+0x1a/0x20 [ 433.956245][ C0] RIP: 0010:ip_mr_output+0xbb1/0xe70 [ 433.961550][ C0] Code: df e9 63 f6 ff ff e8 ce 33 c6 f7 48 8b 74 24 18 45 31 f6 31 ff ba 02 00 00 00 e8 9a 09 4c ff e9 45 f6 ff ff e8 b0 33 c6 f7 90 <0f> 0b 90 e9 94 f5 ff ff e8 a2 33 c6 f7 90 0f 0b 90 42 80 3c 2b 00 [ 433.981159][ C0] RSP: 0018:ffffc900000079a0 EFLAGS: 00010246 [ 433.987235][ C0] RAX: ffffffff89fa28a0 RBX: ffff88804edf3640 RCX: ffff888027188000 [ 433.995215][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 434.003186][ C0] RBP: ffffc90000007ab0 R08: ffff888027188000 R09: 0000000000000004 [ 434.011160][ C0] R10: 0000000000000003 R11: ffffffff89fa1cf0 R12: 0000000000000010 [ 434.019131][ C0] R13: dffffc0000000000 R14: ffff88807725a400 R15: 0000000000000000 [ 434.027131][ C0] ? __pfx_ip_mr_output+0x10/0x10 [ 434.032171][ C0] ? ip_mr_output+0xbb0/0xe70 [ 434.036862][ C0] ? __pfx_dst_output+0x10/0x10 [ 434.041726][ C0] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 434.047106][ C0] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 434.053271][ C0] ? __pfx_ip_mr_output+0x10/0x10 [ 434.058309][ C0] ? skb_dst+0x4f/0xd0 [ 434.062386][ C0] ? dst_output+0x177/0x1c0 [ 434.066897][ C0] igmp_send_report+0x89e/0xdb0 [ 434.071758][ C0] ? __pfx_igmp_send_report+0x10/0x10 [ 434.077138][ C0] ? igmp_start_timer+0x211/0x2b0 [ 434.082175][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 434.087379][ C0] igmp_timer_expire+0x204/0x510 [ 434.092331][ C0] call_timer_fn+0x17e/0x5f0 [ 434.096926][ C0] ? __pfx_igmp_timer_expire+0x10/0x10 [ 434.102401][ C0] ? call_timer_fn+0xbe/0x5f0 [ 434.107089][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 434.112264][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 434.117492][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 434.122799][ C0] ? __pfx_igmp_timer_expire+0x10/0x10 [ 434.128716][ C0] __run_timer_base+0x61a/0x860 [ 434.133611][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 434.139006][ C0] run_timer_softirq+0xb7/0x180 [ 434.143870][ C0] handle_softirqs+0x286/0x870 [ 434.148664][ C0] ? do_softirq+0xec/0x180 [ 434.153101][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 434.158407][ C0] ? batadv_forw_packet_steal+0x14e/0x170 [ 434.164659][ C0] do_softirq+0xec/0x180 [ 434.168920][ C0] [ 434.171858][ C0] [ 434.174801][ C0] ? __pfx_do_softirq+0x10/0x10 [ 434.179682][ C0] ? lockdep_softirqs_on+0x13b/0x1c0 [ 434.185149][ C0] __local_bh_enable_ip+0x17d/0x1c0 [ 434.190363][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 434.196098][ C0] ? batadv_forw_packet_steal+0x14e/0x170 [ 434.201827][ C0] batadv_forw_packet_steal+0x14e/0x170 [ 434.207390][ C0] batadv_iv_send_outstanding_bat_ogm_packet+0x6db/0x7e0 [ 434.214431][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 434.220159][ C0] process_scheduled_works+0xae1/0x17b0 [ 434.225761][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 434.231767][ C0] worker_thread+0x8a0/0xda0 [ 434.236388][ C0] kthread+0x70e/0x8a0 [ 434.240480][ C0] ? __pfx_worker_thread+0x10/0x10 [ 434.245603][ C0] ? __pfx_kthread+0x10/0x10 [ 434.250195][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 434.255405][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 434.260603][ C0] ? __pfx_kthread+0x10/0x10 [ 434.265199][ C0] ret_from_fork+0x3f9/0x770 [ 434.269846][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 434.275002][ C0] ? __switch_to_asm+0x39/0x70 [ 434.279769][ C0] ? __switch_to_asm+0x33/0x70 [ 434.284534][ C0] ? __pfx_kthread+0x10/0x10 [ 434.289129][ C0] ret_from_fork_asm+0x1a/0x30 [ 434.293907][ C0] [ 434.297283][ C0] Kernel Offset: disabled [ 434.301631][ C0] Rebooting in 86400 seconds..